hive-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Larry McCay (JIRA)" <>
Subject [jira] [Commented] (HIVE-7175) Provide password file option to beeline
Date Wed, 11 Jun 2014 12:37:01 GMT


Larry McCay commented on HIVE-7175:

I just realized that this is the users' LDAP password.
It would be unfortunate to have to leave this laying around in various places unless absolutely

Does the beeline CLI currently allow for using the java Console to collect the password from
the user?

I understand that for scripting type purposes we may need another collection mechanism but
for usecases with a user and console available the users' passwords should not be persisted
outside of the directory itself when it can be avoided.

For cases where it can not be avoided the side file approach is certainly better than on the
command line itself in terms of visibility.

> Provide password file option to beeline
> ---------------------------------------
>                 Key: HIVE-7175
>                 URL:
>             Project: Hive
>          Issue Type: Improvement
>          Components: CLI, Clients
>    Affects Versions: 0.13.0
>            Reporter: Robert Justice
>            Assignee: Dr. Wendell Urth
>              Labels: features, security
>         Attachments: HIVE-7175.patch
> For people connecting to Hive Server 2 with LDAP authentication enabled, in order to
batch run commands, we currently have to provide the password openly in the command line.
  They could use some expect scripting, but I think a valid improvement would be to provide
a password file option similar to other CLI commands in hadoop (e.g. sqoop) to be more secure.

This message was sent by Atlassian JIRA

View raw message