[
https://issues.apache.org/jira/browse/HIVE-13867?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15309116#comment-15309116
]
Sushanth Sowmyan commented on HIVE-13867:
-----------------------------------------
+1, this undo looks good. I've tried to retry some of those failing tests
locally and they work. I'll go ahead and commit to branch-2.1 and master.
> restore HiveAuthorizer interface changes
> ----------------------------------------
>
> Key: HIVE-13867
> URL: https://issues.apache.org/jira/browse/HIVE-13867
> Project: Hive
> Issue Type: Bug
> Affects Versions: 2.1.0
> Reporter: Thejas M Nair
> Assignee: Thejas M Nair
> Priority: Blocker
> Attachments: HIVE-13867.1.patch
>
>
> TLDR: Some of the changes to hive authorizer interface made as part of
> HIVE-13360 are inappropriate and need to be restored.
> Regarding the move of ip address from the query context object
> (HiveAuthzContext) to HiveAuthenticationProvider. That isn't the right place
> for it.
> In HS2 HTTP mode, when proxies and knox servers are between end user and HS2
> , every request for single session does not have to come via a single IP
> address.
> Current assumption in hive code base is that the IP address is valid for the
> entire session. This might not hold true for ever.
> A limitation in HS2 that it holds state for the session would currently force
> the user configure proxies and knox to remember which next Host it was using,
> because they need to have state to remember the HS2 instance to be used! But
> that is a limitation that ideally goes away some day, and when that happens,
> HiveAuthzContext would be the right place for keeping the IP address!
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
