[
https://issues.apache.org/jira/browse/HIVE-78?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12649855#action_12649855
]
Edward Capriolo commented on HIVE-78:
-------------------------------------
LDAP seems like a good way to handle this. We have a few alternatives.
Any posixAccount can log into hive. LDAP search would be
(&(objectClass=posixAccount (uid=<user>))
We could enforce that the user must be have some other attribute
(&(objectClass)=posixAccount (uid=<user>)(businessCategory="hiveuser"))
We could enforce that the user must be valid and they must be inside of a
specific groupOfUniqueNames
(&(objectClass=posixAccount (uid=<user>) and memberof (hiveGroup) apache
mod_ldap can do this
We can create a supplemental schema attribute we can append to already exists
ldap users.
> Authentication infrastructure for Hive
> --------------------------------------
>
> Key: HIVE-78
> URL: https://issues.apache.org/jira/browse/HIVE-78
> Project: Hadoop Hive
> Issue Type: New Feature
> Reporter: Ashish Thusoo
> Assignee: Ashish Thusoo
>
> Allow hive to integrate with existing user repositories for authentication
> and authorization infromation.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
