hive-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Todd Richmond (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HIVE-16529) Replace JPAM with libpam4j for PAM authentication
Date Mon, 07 Aug 2017 19:56:00 GMT

    [ https://issues.apache.org/jira/browse/HIVE-16529?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16117158#comment-16117158
] 

Todd Richmond commented on HIVE-16529:
--------------------------------------

sorry - libpam4j in public repos - not JPAM (which does not have a corruption patch)

> Replace JPAM with libpam4j for PAM authentication
> -------------------------------------------------
>
>                 Key: HIVE-16529
>                 URL: https://issues.apache.org/jira/browse/HIVE-16529
>             Project: Hive
>          Issue Type: Improvement
>          Components: Authentication
>    Affects Versions: 1.2.0
>            Reporter: Richard Ding
>            Assignee: Sailaja Navvluru
>
> PAM authentication is an important feature available since Hive 0.13. But Hive blog gives
the following warnings:
> {quote}
> JPAM library that is used to provide the PAM authentication mode can cause HiveServer2
to go down if a user's password has expired. This happens because of segfault/core dumps from
native code invoked by JPAM. Some users have also reported crashes during logins in other
cases as well. Use of LDAP or KERBEROS is recommended.
> {quote}
> ​JPAM also requires user to install a native library. ​Furthermore, JPAM library
seems not to have been updated since 2007.
> Other Apache projects (e.g. Ambari/Ranger/Knox) use a newer library libpam4j which doesn't
require installation of native library. 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message