Return-Path: X-Original-To: apmail-hive-issues-archive@minotaur.apache.org Delivered-To: apmail-hive-issues-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 69F53186EE for ; Wed, 6 Jan 2016 10:37:40 +0000 (UTC) Received: (qmail 49354 invoked by uid 500); 6 Jan 2016 10:37:40 -0000 Delivered-To: apmail-hive-issues-archive@hive.apache.org Received: (qmail 49329 invoked by uid 500); 6 Jan 2016 10:37:40 -0000 Mailing-List: contact issues-help@hive.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@hive.apache.org Delivered-To: mailing list issues@hive.apache.org Received: (qmail 49311 invoked by uid 99); 6 Jan 2016 10:37:40 -0000 Received: from arcas.apache.org (HELO arcas) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 06 Jan 2016 10:37:40 +0000 Received: from arcas.apache.org (localhost [127.0.0.1]) by arcas (Postfix) with ESMTP id CC03F2C0453 for ; Wed, 6 Jan 2016 10:37:39 +0000 (UTC) Date: Wed, 6 Jan 2016 10:37:39 +0000 (UTC) From: "Hive QA (JIRA)" To: issues@hive.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (HIVE-12429) Switch default Hive authorization to SQLStandardAuth in 2.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HIVE-12429?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15085383#comment-15085383 ] Hive QA commented on HIVE-12429: -------------------------------- Here are the results of testing the latest attachment: https://issues.apache.org/jira/secure/attachment/12780619/HIVE-12429.14.patch {color:green}SUCCESS:{color} +1 due to 54 test(s) being added or modified. {color:red}ERROR:{color} -1 due to 18 failed/errored test(s), 9981 tests executed *Failed tests:* {noformat} TestHWISessionManager - did not produce a TEST-*.xml file TestMiniTezCliDriver-vector_distinct_2.q-load_dyn_part2.q-join1.q-and-12-more - did not produce a TEST-*.xml file org.apache.hadoop.hive.cli.TestNegativeCliDriver.testNegativeCliDriver_authorization_uri_import org.apache.hadoop.hive.cli.TestNegativeCliDriver.testNegativeCliDriver_join_nonexistent_part org.apache.hadoop.hive.cli.TestSparkCliDriver.testCliDriver_order2 org.apache.hadoop.hive.ql.exec.spark.session.TestSparkSessionManagerImpl.testMultiSessionMultipleUse org.apache.hadoop.hive.ql.exec.spark.session.TestSparkSessionManagerImpl.testSingleSessionMultipleUse org.apache.hadoop.hive.ql.security.authorization.plugin.TestHiveOperationType.checkHiveOperationTypeMatch org.apache.hive.jdbc.TestJdbcWithLocalClusterSpark.testTempTable org.apache.hive.jdbc.TestSSL.testSSLVersion org.apache.hive.spark.client.TestSparkClient.testAddJarsAndFiles org.apache.hive.spark.client.TestSparkClient.testCounters org.apache.hive.spark.client.TestSparkClient.testErrorJob org.apache.hive.spark.client.TestSparkClient.testJobSubmission org.apache.hive.spark.client.TestSparkClient.testMetricsCollection org.apache.hive.spark.client.TestSparkClient.testRemoteClient org.apache.hive.spark.client.TestSparkClient.testSimpleSparkJob org.apache.hive.spark.client.TestSparkClient.testSyncRpc {noformat} Test results: http://ec2-174-129-184-35.compute-1.amazonaws.com/jenkins/job/PreCommit-HIVE-TRUNK-Build/6525/testReport Console output: http://ec2-174-129-184-35.compute-1.amazonaws.com/jenkins/job/PreCommit-HIVE-TRUNK-Build/6525/console Test logs: http://ec2-174-129-184-35.compute-1.amazonaws.com/logs/PreCommit-HIVE-TRUNK-Build-6525/ Messages: {noformat} Executing org.apache.hive.ptest.execution.TestCheckPhase Executing org.apache.hive.ptest.execution.PrepPhase Executing org.apache.hive.ptest.execution.ExecutionPhase Executing org.apache.hive.ptest.execution.ReportingPhase Tests exited with: TestsFailedException: 18 tests failed {noformat} This message is automatically generated. ATTACHMENT ID: 12780619 - PreCommit-HIVE-TRUNK-Build > Switch default Hive authorization to SQLStandardAuth in 2.0 > ----------------------------------------------------------- > > Key: HIVE-12429 > URL: https://issues.apache.org/jira/browse/HIVE-12429 > Project: Hive > Issue Type: Task > Components: Authorization, Security > Affects Versions: 2.0.0 > Reporter: Alan Gates > Assignee: Daniel Dai > Attachments: HIVE-12429.1.patch, HIVE-12429.10.patch, HIVE-12429.11.patch, HIVE-12429.12.patch, HIVE-12429.13.patch, HIVE-12429.14.patch, HIVE-12429.2.patch, HIVE-12429.3.patch, HIVE-12429.4.patch, HIVE-12429.5.patch, HIVE-12429.6.patch, HIVE-12429.7.patch, HIVE-12429.8.patch, HIVE-12429.9.patch > > > Hive's default authorization is not real security, as it does not secure a number of features and anyone can grant access to any object to any user. We should switch the default to SQLStandardAuth, which provides real authentication. > As this is a backwards incompatible change this was hard to do previously, but 2.0 gives us a place to do this type of change. > By default authorization will still be off, as there are a few other things to set when turning on authorization (such as the list of admin users). -- This message was sent by Atlassian JIRA (v6.3.4#6332)