[
https://issues.apache.org/jira/browse/HIVE-8190?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14551272#comment-14551272
]
Naveen Gangam commented on HIVE-8190:
-------------------------------------
I just uploaded a patch for HIVE-7193. There is also a design doc attached. The
new enhancements made should make it more flexible for the users to configure
LDAP for authentication. Filter support (user and group) has been added. Let me
know if you have questions or any feedback. Thanks
> LDAP user match for authentication on hiveserver2
> -------------------------------------------------
>
> Key: HIVE-8190
> URL: https://issues.apache.org/jira/browse/HIVE-8190
> Project: Hive
> Issue Type: Improvement
> Components: Authorization, Clients
> Affects Versions: 0.13.1
> Environment: Centos 6.5
> Reporter: LINTE
> Assignee: Naveen Gangam
>
> Some LDAP has the user composant as CN and not UID.
> SO when you try to authenticate the LDAP authentication module of hive try to
> authenticate with the following string :
> uid=$login,basedn
> Some AD have user objects that are not uid but cn, so it is be important to
> personalize the kind of objects that the authentication moduel look for in
> ldap.
> We can see an exemple in knox LDAP module configuration the parameter
> main.ldapRealm.userDnTemplate can be configured to look for :
> uid : 'uid={0}, basedn'
> or cn : 'cn={0}, basedn'
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
