[
https://issues.apache.org/jira/browse/HIVE-6907?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13970320#comment-13970320
]
Navis commented on HIVE-6907:
-----------------------------
Sorry, I've been strayed a little (security always makes me). The code above
I've shown in above comment is not for fixing this. The problem is that when we
uses authorization with AuthorizationPreEventListener in metastore with doAs
disabled. With this configuration, metastore would always try authorize
privileges of HS2 user.
> HiveServer2 - wrong user gets used for metastore operation with embedded
> metastore
> ----------------------------------------------------------------------------------
>
> Key: HIVE-6907
> URL: https://issues.apache.org/jira/browse/HIVE-6907
> Project: Hive
> Issue Type: Bug
> Components: HiveServer2
> Affects Versions: 0.13.0
> Reporter: Thejas M Nair
> Assignee: Thejas M Nair
> Priority: Blocker
> Fix For: 0.13.0
>
> Attachments: HIVE-6907.1.patch, HIVE-6907.2.patch, HIVE-6907.3.patch
>
>
> When queries are being run concurrently against HS2, sometimes the wrong user
> ends performing the metastore action and you get an error like -
> {code}
> ..INFO|java.sql.SQLException: Error while processing statement: FAILED:
> Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask.
> MetaException(message:java.security.AccessControlException: action WRITE not
> permitted on path hdfs://example.net:8020/apps/hive/warehouse/tbl_4eeulg9zp4
> for user hrt_qa)
> {code}
--
This message was sent by Atlassian JIRA
(v6.2#6252)
