[
https://issues.apache.org/jira/browse/HIVE-78?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12923667#action_12923667
]
He Yongqiang commented on HIVE-78:
----------------------------------
The other option we came up from offline discussion is the rule of "one accept
then accept" but in a hierarchy style. First check privileges granted the user
and groups. One accept then accept; One deny then deny. And then check role
level privileges, one accept then accept; one deny then deny.
We prefer to go with this rule. Please comment, and if no concerns on this, i
will update the wiki.
> Authorization infrastructure for Hive
> -------------------------------------
>
> Key: HIVE-78
> URL: https://issues.apache.org/jira/browse/HIVE-78
> Project: Hive
> Issue Type: New Feature
> Components: Server Infrastructure
> Reporter: Ashish Thusoo
> Assignee: He Yongqiang
> Attachments: createuser-v1.patch, hive-78-metadata-v1.patch,
> hive-78-syntax-v1.patch, hive-78.diff
>
>
> Allow hive to integrate with existing user repositories for authentication
> and authorization infromation.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
