[
https://issues.apache.org/jira/browse/HIVE-6844?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Thejas M Nair resolved HIVE-6844.
---------------------------------
Resolution: Invalid
I had wrong assumption about storage-based-authorization/metastore side
authorization.
This config param hive.security.authorization.enabled is ignored by
the metastore, and it gets used only for client side authorization.
hive.metastore.pre.event.listeners setting can be used to control if metastore
authorization is enabled or not.
> support separate configuration param for enabling authorization using new
> interface
> -----------------------------------------------------------------------------------
>
> Key: HIVE-6844
> URL: https://issues.apache.org/jira/browse/HIVE-6844
> Project: Hive
> Issue Type: Bug
> Components: Authorization
> Reporter: Thejas M Nair
> Assignee: Thejas M Nair
>
> The existing configuration parameter *hive.security.authorization.enabled* is
> used for both "SQL query level authorization" at sql query compilation, and
> at "metatore api authorization" for the thrift metastore api calls. This
> makes it hard to flexibly/correctly configure the security settings.
> It should be possible to enable "SQL query level authorization" and
> "metastore api authorization" independently of each other.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
