[jira] [Commented] (HIVE-6486) Support secure Subject.doAs() in HiveServer2 JDBC client.

[Hive QA (JIRA)]

    [ 
https://issues.apache.org/jira/browse/HIVE-6486?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13925130#comment-13925130
 ] 

Hive QA commented on HIVE-6486:
-------------------------------



{color:red}Overall{color}: -1 at least one tests failed

Here are the results of testing the latest attachment:
https://issues.apache.org/jira/secure/attachment/12632880/HIVE-6486.3.patch

{color:red}ERROR:{color} -1 due to 1 failed/errored test(s), 5374 tests executed
*Failed tests:*
{noformat}
org.apache.hive.hcatalog.mapreduce.TestHCatMutablePartitioned.testHCatPartitionedTable
{noformat}

Test results: 
http://bigtop01.cloudera.org:8080/job/PreCommit-HIVE-Build/1668/testReport
Console output: 
http://bigtop01.cloudera.org:8080/job/PreCommit-HIVE-Build/1668/console

Messages:
{noformat}
Executing org.apache.hive.ptest.execution.PrepPhase
Executing org.apache.hive.ptest.execution.ExecutionPhase
Executing org.apache.hive.ptest.execution.ReportingPhase
Tests exited with: TestsFailedException: 1 tests failed
{noformat}

This message is automatically generated.

ATTACHMENT ID: 12632880

> Support secure Subject.doAs() in HiveServer2 JDBC client.
> ---------------------------------------------------------
>
>                 Key: HIVE-6486
>                 URL: https://issues.apache.org/jira/browse/HIVE-6486
>             Project: Hive
>          Issue Type: Improvement
>          Components: Authentication, HiveServer2, JDBC
>    Affects Versions: 0.11.0, 0.12.0
>            Reporter: Shivaraju Gowda
>            Assignee: Shivaraju Gowda
>             Fix For: 0.13.0
>
>         Attachments: HIVE-6486.1.patch, HIVE-6486.2.patch, HIVE-6486.3.patch, 
> Hive_011_Support-Subject_doAS.patch, TestHive_SujectDoAs.java
>
>
> HIVE-5155 addresses the problem of kerberos authentication in multi-user 
> middleware server using proxy user.  In this mode the principal used by the 
> middle ware server has privileges to impersonate selected users in 
> Hive/Hadoop. 
> This enhancement is to support Subject.doAs() authentication in  Hive JDBC 
> layer so that the end users Kerberos Subject is passed through in the middle 
> ware server. With this improvement there won't be any additional setup in the 
> server to grant proxy privileges to some users and there won't be need to 
> specify a proxy user in the JDBC client. This version should also be more 
> secure since it won't require principals with the privileges to impersonate 
> other users in Hive/Hadoop setup.
>  



--
This message was sent by Atlassian JIRA
(v6.2#6252)