[
https://issues.apache.org/jira/browse/HIVE-6844?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13960956#comment-13960956
]
Lefty Leverenz commented on HIVE-6844:
--------------------------------------
Does this need to be clarified in the userdoc?
The parameter descriptions are fine, but maybe the client/metastore distinction
should be spelled out:
* hive.security.authorization.enabled -- Enable or disable the Hive client
authorization.
[https://cwiki.apache.org/confluence/display/Hive/Configuration+Properties#ConfigurationProperties-hive.security.authorization.enabled]
* hive.metastore.pre.event.listeners -- The pre-event listener classes to be
loaded on the metastore side to run code whenever databases, tables, and
partitions are created, altered, or dropped. Set this configuration property to
org.apache.hadoop.hive.ql.security.authorization.AuthorizationPreEventListener
in hive-site.xml for Hive metastore security.
[https://cwiki.apache.org/confluence/display/Hive/Configuration+Properties#ConfigurationProperties-hive.metastore.pre.event.listeners]
> support separate configuration param for enabling authorization using new
> interface
> -----------------------------------------------------------------------------------
>
> Key: HIVE-6844
> URL: https://issues.apache.org/jira/browse/HIVE-6844
> Project: Hive
> Issue Type: Bug
> Components: Authorization
> Reporter: Thejas M Nair
> Assignee: Thejas M Nair
>
> The existing configuration parameter *hive.security.authorization.enabled* is
> used for both "SQL query level authorization" at sql query compilation, and
> at "metatore api authorization" for the thrift metastore api calls. This
> makes it hard to flexibly/correctly configure the security settings.
> It should be possible to enable "SQL query level authorization" and
> "metastore api authorization" independently of each other.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
