Shivaraju Gowda created HIVE-6486:
-------------------------------------
Summary: Support secure Subject.doAs() in HiveServer2 JDBC client.
Key: HIVE-6486
URL: https://issues.apache.org/jira/browse/HIVE-6486
Project: Hive
Issue Type: Improvement
Components: JDBC
Affects Versions: 0.12.0, 0.11.0
Reporter: Shivaraju Gowda
HIVE-5155 addresses the problem of kerberos authentication in multi-user
middleware server using proxy user. In this mode the principal used by the
middle ware server has privileges to impersonate selected users in Hive/Hadoop.
This enhancement is to support Subject.doAs() authentication in Hive JDBC
layer so that the end users Kerberos Subject is passed through in the middle
ware server. With this improvement there won't be any additional setup in the
server to grant proxy privileges to some users and there won't be need to
specify a proxy user in the JDBC client. This version should also be more
secure since it won't require principals with the privileges to impersonate
other users in Hive/Hadoop setup.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
