[
https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16195075#comment-16195075
]
Tao Li commented on HIVE-17701:
-------------------------------
In the latest patch, we want to display sessions/queries that belong to the
remote user if not an admin, when auth is enabled. When auth is disabled, each
user acts as an admin and can view everything.
> Added restriction to historic queries on web UI
> -----------------------------------------------
>
> Key: HIVE-17701
> URL: https://issues.apache.org/jira/browse/HIVE-17701
> Project: Hive
> Issue Type: Bug
> Components: HiveServer2
> Reporter: Thejas M Nair
> Assignee: Tao Li
> Attachments: HIVE-17701.1.patch, HIVE-17701.2.patch,
> HIVE-17701.3.patch, HIVE-17701.4.patch, HIVE-17701.5.patch
>
>
> The HiveServer2 Web UI (HIVE-12550) shows recently completed queries.
> However, a user can see the queries run by other users as well, and that is a
> security/privacy concern.
> Only admin users should be allowed to see queries from other users (similar
> to behavior of display for configs, stack trace etc).
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
