[
https://issues.apache.org/jira/browse/HIVE-29211?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18023190#comment-18023190
]
Sai Hemanth Gantasala commented on HIVE-29211:
----------------------------------------------
[~hazeljiang] - Thanks for the contribution. The patch has been merged into the
master branch.
> Add LDAP group filtering support for Kerberos-authenticated users
> ------------------------------------------------------------------
>
> Key: HIVE-29211
> URL: https://issues.apache.org/jira/browse/HIVE-29211
> Project: Hive
> Issue Type: Improvement
> Components: HiveServer2, Standalone Metastore
> Reporter: Jintong Jiang
> Assignee: Jintong Jiang
> Priority: Major
> Labels: pull-request-available
> Fix For: 4.2.0
>
>
> Currently, HS2 and HMS support LDAP authentication with group filtering, but
> when users authenticate via Kerberos, LDAP group filters are not applied.
> This creates an inconsistency where authorization policies differ based on
> the authentication method used. We need to add the capability to optionally
> enforce LDAP group membership checks for Kerberos-authenticated users in both
> HS2 and HMS.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
