hive-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lefty Leverenz (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HIVE-8611) grant/revoke syntax should support additional objects for authorization plugins
Date Tue, 11 Nov 2014 07:35:33 GMT

    [ https://issues.apache.org/jira/browse/HIVE-8611?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14206073#comment-14206073
] 

Lefty Leverenz commented on HIVE-8611:
--------------------------------------

Doc note:  This adds *hive.security.authorization.task.factory* to HiveConf.java, so it needs
to be documented in the wiki for 0.15.0.  It belongs somewhere in the Authentication/Authorization
section -- but where exactly?

* [Configuration Properties -- Authentication/Authorization | https://cwiki.apache.org/confluence/display/Hive/Configuration+Properties#ConfigurationProperties-Authentication/Authorization]

More questions:  Does this need to be documented in the grant/revoke syntax sections?  If
so, is it for both default and SQL standards based authorization?

* [Hive Default Authorization -- Legacy Mode | https://cwiki.apache.org/confluence/display/Hive/Hive+Default+Authorization+-+Legacy+Mode]
* [SQL Standard Based Hive Authorization | https://cwiki.apache.org/confluence/display/Hive/SQL+Standard+Based+Hive+Authorization]



> grant/revoke syntax should support additional objects for authorization plugins
> -------------------------------------------------------------------------------
>
>                 Key: HIVE-8611
>                 URL: https://issues.apache.org/jira/browse/HIVE-8611
>             Project: Hive
>          Issue Type: Bug
>          Components: Authentication, SQL
>    Affects Versions: 0.13.0
>            Reporter: Prasad Mujumdar
>            Assignee: Prasad Mujumdar
>             Fix For: 0.15.0
>
>         Attachments: HIVE-8611.1.patch, HIVE-8611.2.patch, HIVE-8611.2.patch, HIVE-8611.3.patch,
HIVE-8611.4.patch
>
>
> The authorization framework supports URI and global objects. The SQL syntax however doesn't
allow granting privileges on these objects. We should allow the compiler to parse these so
that it can be handled by authorization plugins.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message