Re: Review Request 19880: HiveServer2 needs to map kerberos name to local name before proxy check

dilli dorai Wed, 01 Oct 2014 14:13:38 -0700

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/19880/
-----------------------------------------------------------


(Updated Oct. 1, 2014, 9:13 p.m.)


Review request for hive, Thejas Nair and Vaibhav Gumashta.


Changes
-------

patch using org.apache.hadoop.security.authentication.util.KerberosName


Bugs: HIVE-6799
    https://issues.apache.org/jira/browse/HIVE-6799


Repository: hive-git


Description
-------

see hive jira https://issues.apache.org/jira/browse/HIVE-6799


Diffs (updated)
-----

  service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java a0f7667 

Diff: https://reviews.apache.org/r/19880/diff/


Testing
-------

Before the patch

Hive Server2 log file reported exception with message
Failed to validate proxy privilage of knox/hdps.example.com for sam

The intermediary service with kerberos principal name knox/hdps.example.com was 
not able to proxy user sam.

After the patch.
Hive Server2 log does not  reported exception.

The intermediary service with kerberos principal name knox/hdps.example.com was 
able to proxy user sam and create table as sam.


Thanks,

dilli dorai

Re: Review Request 19880: HiveServer2 needs to map kerberos name to local name before proxy check

Reply via email to