[jira] [Commented] (HIVE-7193) Hive should support additional LDAP authentication parameters

Mon, 22 Jun 2015 22:23:35 -0700 

    [ 
https://issues.apache.org/jira/browse/HIVE-7193?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14597186#comment-14597186
 ] 

Lefty Leverenz commented on HIVE-7193:
--------------------------------------

Doc note:  (Removed TODOC2.0 because we only need to document the initial 
version, which is 1.3.)

This adds five configuration parameters, which need to be documented in the 
HiveServer2 section of Configuration Properties.

* hive.server2.authentication.ldap.groupDNPattern
* hive.server2.authentication.ldap.groupFilter
* hive.server2.authentication.ldap.userDNPattern
* hive.server2.authentication.ldap.userFilter
* hive.server2.authentication.ldap.customLDAPQuery
* [Configuration Properties -- HiveServer2 | 
https://cwiki.apache.org/confluence/display/Hive/Configuration+Properties#ConfigurationProperties-HiveServer2]

Ben Tse wrote up the general documentation here (thanks, Ben):

* [User and Group Filter Support with LDAP Atn Provider in HiveServer2 | 
https://cwiki.apache.org/confluence/display/Hive/User+and+Group+Filter+Support+with+LDAP+Atn+Provider+in+HiveServer2]

> Hive should support additional LDAP authentication parameters
> -------------------------------------------------------------
>
>                 Key: HIVE-7193
>                 URL: https://issues.apache.org/jira/browse/HIVE-7193
>             Project: Hive
>          Issue Type: Bug
>    Affects Versions: 0.10.0
>            Reporter: Mala Chikka Kempanna
>            Assignee: Naveen Gangam
>              Labels: TODOC1.3
>             Fix For: 1.3.0, 2.0.0
>
>         Attachments: HIVE-7193.2.patch, HIVE-7193.3.patch, HIVE-7193.4.patch, 
> HIVE-7193.5.patch, HIVE-7193.6.patch, HIVE-7193.patch, 
> LDAPAuthentication_Design_Doc.docx, LDAPAuthentication_Design_Doc_V2.docx
>
>
> Currently hive has only following authenticator parameters for LDAP 
> authentication for hiveserver2:
> {code:xml}
> <property> 
>   <name>hive.server2.authentication</name> 
>   <value>LDAP</value> 
> </property> 
> <property> 
>   <name>hive.server2.authentication.ldap.url</name> 
>   <value>ldap://our_ldap_address</value> 
> </property> 
> {code}
> We need to include other LDAP properties as part of hive-LDAP authentication 
> like below:
> {noformat}
> a group search base -> dc=domain,dc=com 
> a group search filter -> member={0} 
> a user search base -> dc=domain,dc=com 
> a user search filter -> sAMAAccountName={0} 
> a list of valid user groups -> group1,group2,group3 
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to