[ 
https://issues.apache.org/jira/browse/HIVE-25575?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Shubham Chaurasia updated HIVE-25575:
-------------------------------------
    Description: 
It would be good to support JWT auth mechanism in hive. In order to implement 
it, we would need the following - 

On HS2 side -
1. Accept JWT in Authorization: Bearer header.
2. Fetch JWKS from a public endpoint to verify JWT signature, to start with we 
can fetch on HS2 start up.
3. Verify JWT Signature.

On JDBC Client side - 
1. Hive jdbc client should be able to accept jwt in JDBC url. (will add more 
details)
2. Client should also be able to pick up JWT from an env var if it's defined.


  was:
It would be good to support JWT auth mechanism in hive. In order to implement 
it, we would need the following - 

On HS2 side -
1. Accept JWT in Authorization: Bearer header.
2. Fetch JWKS from a public endpoint to verify JWT signature, to start with we 
can fetch on HS2 start up.
3. Verify JWT Signature.

On JDBC Client side - 
1. Hive jdbc client should be able to accept jwt in JDBC url. (will add more 
details)
2. Client should also be able to pick up JWT from a env var if it's defined.



> Add support for JWT authentication
> ----------------------------------
>
>                 Key: HIVE-25575
>                 URL: https://issues.apache.org/jira/browse/HIVE-25575
>             Project: Hive
>          Issue Type: New Feature
>          Components: HiveServer2, JDBC
>    Affects Versions: 4.0.0
>            Reporter: Shubham Chaurasia
>            Assignee: Shubham Chaurasia
>            Priority: Major
>
> It would be good to support JWT auth mechanism in hive. In order to implement 
> it, we would need the following - 
> On HS2 side -
> 1. Accept JWT in Authorization: Bearer header.
> 2. Fetch JWKS from a public endpoint to verify JWT signature, to start with 
> we can fetch on HS2 start up.
> 3. Verify JWT Signature.
> On JDBC Client side - 
> 1. Hive jdbc client should be able to accept jwt in JDBC url. (will add more 
> details)
> 2. Client should also be able to pick up JWT from an env var if it's defined.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to