Naveen Gangam created HIVE-12885:
------------------------------------
Summary: LDAP Authenticator improvements
Key: HIVE-12885
URL: https://issues.apache.org/jira/browse/HIVE-12885
Project: Hive
Issue Type: Bug
Components: HiveServer2
Affects Versions: 1.1.0
Reporter: Naveen Gangam
Assignee: Naveen Gangam
Currently Hive's LDAP Atn provider assumes certain defaults to keep its
configuration simple.
1) One of the assumptions is the presence of an attribute "distinguishedName".
In certain non-standard LDAP implementations, this attribute may not be
available. So instead of basing all ldap searches on this attribute,
getNameInNamespace() returns the same value. So this API is to be used instead.
2) It also assumes that the "user" value being passed in, will be able to bind
to LDAP. However, certain LDAP implementations, by default, only allow the full
DN to be used, just short user names are not permitted. We will need to be able
to support short names too when hive configuration only has "BaseDN" specified
(not userDNPatterns). So instead of hard-coding "uid" or "CN" as keys for the
short usernames, it probably better to make this a configurable parameter.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
