Thejas M Nair created HIVE-6957:
-----------------------------------
Summary: SQL authorization does not work with HS2 binary mode and
Kerberos auth
Key: HIVE-6957
URL: https://issues.apache.org/jira/browse/HIVE-6957
Project: Hive
Issue Type: Bug
Components: Authorization, HiveServer2
Affects Versions: 0.13.0
Reporter: Thejas M Nair
Assignee: Thejas M Nair
Attachments: HIVE-6957.1.patch
In HiveServer2, when Kerberos auth and binary transport modes are used, the
user name that gets passed on to authorization is the long kerberos username.
The username that is used in grant/revoke statements tend to be the short
usernames.
This also fails in authorizing statements that involve URI, as the
authorization mode checks the file system permissions for given user. It does
not recognize that the given long username actually owns the file or belongs to
the group that owns the file.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
