You can also set them via hiveserver2-site.xml instead of passing them as commandline params. Let me make that more clear in the doc.
On Thu, May 11, 2017 at 9:36 AM, Rob Anderson <rockclimbings...@gmail.com> wrote: > You add the options to HiveServer2 Environment Advanced Configuration > Snippet (Safety Valve) via: > > HIVE_OPTS=--hiveconf hive.security.authorization. > manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory > --hiveconf hive.security.authorization.enabled=true --hiveconf > hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator > --hiveconf hive.metastore.uris='thrift://XXXXXX:9083' > > Works fine. > > Rob > > On Tue, May 9, 2017 at 3:59 PM, Rob Anderson <rockclimbings...@gmail.com> > wrote: > >> Has anyone implemented SQL Standard Based Hive Authorization with CDH >> 5.5.2 (hive1.1.0)? >> >> Cloudera has confirmed that it's not supported, but I have a need that >> requires the implementation. >> >> I've followed: https://cwiki.apache.org/confl >> uence/display/Hive/SQL+Standard+Based+Hive+Authorization >> >> I've added the following to "HiveServer2 Advanced Configuration Snippet >> (Safety Valve) for hive-site.xml" via Cloudera Manager. >> >> <property> >> >> <name>hive.server2.enable.doAs</name> >> >> <value>false</value> >> >> </property> >> >> <property> >> >> <name>hive.users.in.admin.role</name> >> >> <value>oozie_runtime,hive,randerson</value> >> >> </property> >> >> <property> >> >> <name>hive.security.metastore.authorization.manager</name> >> >> <value>org.apache.hadoop.hive.ql.security.authorization.Meta >> StoreAuthzAPIAuthorizerEmbedOnly</value> >> >> </property> >> >> <property> >> >> <name>hive.security.authorization.manager</name> >> >> <value>org.apache.hadoop.hive.ql.security.authorization.plug >> in.sqlstd.SQLStdConfOnlyAuthorizerFactory</value> >> >> </property> >> >> <property> >> >> <name>hive.security.authorization.task.factory</name> >> >> <value>org.apache.hadoop.hive.ql.parse.authorization.HiveAut >> horizationTaskFactoryImpl</value> >> >> </property> >> >> >> I've tried adding the following start up options to "HiveServer2 >> Environment Advanced Configuration Snippet (Safety Valve)" via Cloudera >> Manager. >> >> - -hiveconf hive.security.authorization.ma >> nager=org.apache.hadoop.hive.ql.security.authorization.plugi >> n.sqlstd.SQLStdHiveAuthorizerFactory >> >> >> - -hiveconf hive.security.authorization.enabled=true >> - -hiveconf hive.security.authenticator.ma >> nager=org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator >> - -hiveconf hive.metastore.uris=' ' >> >> >> I get the following error: >> >> Could not parse: HiveServer2 Environment Advanced Configuration Snippet >> (Safety Valve) : Could not parse parameter 'hive_hs2_env_safety_valve'. >> Was expecting: valid variable name. Input: -hiveconf hive. >> security.authorization.manager=org.apache.hadoop.hive.q >> l.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory -hiveconf >> hive.security.authorization.enabled=true -hiveconf hive. >> security.authenticator.manager=org.apache.hadoop.hive.q >> l.security.SessionStateUserAuthenticator -hiveconf hive.metastore.uris=' >> ' >> >> So, in short - I'm not sure how to start hiveserver2 with those options. >> Any help you can offer is appreciated. >> >> Thanks, >> >> Rob >> >> >> >> >> >> >> >> >> >
