[jira] [Updated] (HIVE-20053) Separate Hive Security from SessionState

Mon, 02 Jul 2018 11:55:29 -0700 


     [ 
https://issues.apache.org/jira/browse/HIVE-20053?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Aihua Xu updated HIVE-20053:
----------------------------
    Description: 
Right now we have Hive security classes associated with SessionState. When 
HiveServer2 starts, the service session will initialize it and later each 
session will need to reinitialize. Since such security configuration is on 
service level, we should move security info out out SessionState and make it 
Singleton so we can initialize it once.

And also, since SessionState.setupAuth()  - to setup authentication and 
authorization is not synchronized, we could run into concurrency issue if 
queries or meta operations are run within same session.     

  was:
Right now we have Hive security classes associated with SessionState. When 
HiveServer2 starts, the service session will initialize it and later each 
session will need to reinitialize it. Since such security configuration is on 
service level, we should move security info out out SessionState and make it 
Singleton so we can initialize it once.

And also, since SessionState.setupAuth()  - to setup authentication and 
authorization is not synchronized, we could run into concurrency issue if 
queries or meta operations are run within same session.     


> Separate Hive Security from SessionState
> ----------------------------------------
>
>                 Key: HIVE-20053
>                 URL: https://issues.apache.org/jira/browse/HIVE-20053
>             Project: Hive
>          Issue Type: Improvement
>          Components: Security
>    Affects Versions: 3.0.0
>            Reporter: Aihua Xu
>            Priority: Major
>
> Right now we have Hive security classes associated with SessionState. When 
> HiveServer2 starts, the service session will initialize it and later each 
> session will need to reinitialize. Since such security configuration is on 
> service level, we should move security info out out SessionState and make it 
> Singleton so we can initialize it once.
> And also, since SessionState.setupAuth()  - to setup authentication and 
> authorization is not synchronized, we could run into concurrency issue if 
> queries or meta operations are run within same session.     



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to