[
https://issues.apache.org/jira/browse/HIVE-16529?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16117096#comment-16117096
]
Thejas M Nair edited comment on HIVE-16529 at 8/7/17 7:21 PM:
--------------------------------------------------------------
Thanks for the heads up [~todd_richmond]!
bq. However, the version of JPAM on public repos will also cause corruption
unless a single patch has been applied.
Did you mean to say "libpam4j" not JPAM in the above sentence ?
was (Author: thejas):
Thanks for the heads up [~trichmond]!
bq. However, the version of JPAM on public repos will also cause corruption
unless a single patch has been applied.
Did you mean to say "libpam4j" not JPAM in the above sentence ?
> Replace JPAM with libpam4j for PAM authentication
> -------------------------------------------------
>
> Key: HIVE-16529
> URL: https://issues.apache.org/jira/browse/HIVE-16529
> Project: Hive
> Issue Type: Improvement
> Components: Authentication
> Affects Versions: 1.2.0
> Reporter: Richard Ding
> Assignee: Sailaja Navvluru
>
> PAM authentication is an important feature available since Hive 0.13. But
> Hive blog gives the following warnings:
> {quote}
> JPAM library that is used to provide the PAM authentication mode can cause
> HiveServer2 to go down if a user's password has expired. This happens because
> of segfault/core dumps from native code invoked by JPAM. Some users have also
> reported crashes during logins in other cases as well. Use of LDAP or
> KERBEROS is recommended.
> {quote}
> JPAM also requires user to install a native library. Furthermore, JPAM
> library seems not to have been updated since 2007.
> Other Apache projects (e.g. Ambari/Ranger/Knox) use a newer library libpam4j
> which doesn't require installation of native library.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
