[
https://issues.apache.org/jira/browse/HIVE-3807?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kai Zheng updated HIVE-3807:
----------------------------
Fix Version/s: 0.9.0
Status: Patch Available (was: Open)
Simple fix. Thanks for review.
> Hive authorization should use short username when Kerberos authentication
> -------------------------------------------------------------------------
>
> Key: HIVE-3807
> URL: https://issues.apache.org/jira/browse/HIVE-3807
> Project: Hive
> Issue Type: Improvement
> Components: Authorization
> Affects Versions: 0.9.0
> Reporter: Kai Zheng
> Fix For: 0.9.0
>
> Attachments: HIVE-3807.patch
>
>
> Currently when authentication method is Kerberos,Hive authorization uses user
> full name as privilege principal, for example, it uses [email protected]
> instead of john.
> It should use the short name instead. The benefits:
> 1. Be consistent. Hadoop, HBase and etc they all use short name in related
> ACLs or authorizations. For Hive authorization works well with them, this
> should be.
> 2. Be convenient. It's very inconvenient to use the lengthy Kerberos
> principal name when grant or revoke privileges via Hive CLI.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
