hive-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sushanth Sowmyan (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HIVE-5402) StorageBasedAuthorizationProvider is not correctly able to determine that it is running from client-side
Date Sat, 05 Oct 2013 00:08:44 GMT

    [ https://issues.apache.org/jira/browse/HIVE-5402?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13786774#comment-13786774
] 

Sushanth Sowmyan commented on HIVE-5402:
----------------------------------------

We do have an issue on how to do authorization, and we need to know whether we're called from
ql, in which case we have a Hive or if we're called from the metastore, in which case we do
not have a Hive, but we do have a HiveMetaStoreHandler. There is a class called HiveProxy
that tries to common-alize this behaviour, but to instantiate it, we need to know whether
we're being instantiated from the Metastore or ql. We could solve this by having two separate
classes, and the original intent of SBAP was to work from the metastore, but that is unnecessary
duplication.

The one other change that I could consider from your request is that for client side auth
also, we would run through a local metastore, and thus, we could do the authorization from
there itself. I would also agree with that approach, although that requires some beefing up
first. That, however, would be another redesign if we wanted to pursue that.

Also, getConf() returns Configuration because the HiveAuthorizationProvider implements Configurable,
and we use a hadoop interface in the process. That would be broadening the scope significantly,
and if you want to go around changing Configurable to HiveConfigurable all over the place,
that should again be a different task to undertake. :)


> StorageBasedAuthorizationProvider is not correctly able to determine that it is running
from client-side
> --------------------------------------------------------------------------------------------------------
>
>                 Key: HIVE-5402
>                 URL: https://issues.apache.org/jira/browse/HIVE-5402
>             Project: Hive
>          Issue Type: Bug
>          Components: Authorization
>            Reporter: Sushanth Sowmyan
>            Assignee: Sushanth Sowmyan
>         Attachments: HIVE-5402.2.patch, HIVE-5402.patch
>
>
> HIVE-5048 tried to change the StorageBasedAuthorizationProvider (SBAP) so that it could
be run from the client side as well.
> However, there is a bug that causes SBAP to incorrectly conclude that it's running from
the metastore-side when it's actually running from the client-side that causes it to throw
a IllegalStateException claiming the warehouse variable isn't set.



--
This message was sent by Atlassian JIRA
(v6.1#6144)

Mime
View raw message