Yu-Wen Lai created HIVE-25957:
---------------------------------
Summary: Fix password based authentication with SAML enabled
Key: HIVE-25957
URL: https://issues.apache.org/jira/browse/HIVE-25957
Project: Hive
Issue Type: Bug
Components: HiveServer2
Affects Versions: 4.0.0
Reporter: Yu-Wen Lai
Assignee: Yu-Wen Lai
In HIVE-25875, we allowed SAML to be set with other password based
authentication, but we pass NONE to the function doPasswordAuth. That is, any
requests use basic authentication header can bypass the password verification
because NONE means a no-op authentication.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
