hive-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aihua Xu (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HIVE-20053) Separate Hive Security from SessionState
Date Mon, 02 Jul 2018 18:55:00 GMT

     [ https://issues.apache.org/jira/browse/HIVE-20053?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Aihua Xu updated HIVE-20053:
----------------------------
    Description: 
Right now we have Hive security classes associated with SessionState. When HiveServer2 starts,
the service session will initialize it and later each session will need to reinitialize. Since
such security configuration is on service level, we should move security info out out SessionState
and make it Singleton so we can initialize it once.

And also, since SessionState.setupAuth()  - to setup authentication and authorization is not
synchronized, we could run into concurrency issue if queries or meta operations are run within
same session.     

  was:
Right now we have Hive security classes associated with SessionState. When HiveServer2 starts,
the service session will initialize it and later each session will need to reinitialize it.
Since such security configuration is on service level, we should move security info out out
SessionState and make it Singleton so we can initialize it once.

And also, since SessionState.setupAuth()  - to setup authentication and authorization is not
synchronized, we could run into concurrency issue if queries or meta operations are run within
same session.     


> Separate Hive Security from SessionState
> ----------------------------------------
>
>                 Key: HIVE-20053
>                 URL: https://issues.apache.org/jira/browse/HIVE-20053
>             Project: Hive
>          Issue Type: Improvement
>          Components: Security
>    Affects Versions: 3.0.0
>            Reporter: Aihua Xu
>            Priority: Major
>
> Right now we have Hive security classes associated with SessionState. When HiveServer2
starts, the service session will initialize it and later each session will need to reinitialize.
Since such security configuration is on service level, we should move security info out out
SessionState and make it Singleton so we can initialize it once.
> And also, since SessionState.setupAuth()  - to setup authentication and authorization
is not synchronized, we could run into concurrency issue if queries or meta operations are
run within same session.     



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message