[ https://issues.apache.org/jira/browse/SPARK-8659?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Premchandra Preetham Kukillaya updated SPARK-8659: -------------------------------------------------- Summary: Spark SQL Thrift Server does NOT honour hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory (was: SQL Standard Based Hive Authorisation of Hive.13 does not work while pointing JDBC Application to Spark Thrift Server. ) > Spark SQL Thrift Server does NOT honour > hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory > > ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- > > Key: SPARK-8659 > URL: https://issues.apache.org/jira/browse/SPARK-8659 > Project: Spark > Issue Type: Bug > Components: SQL > Affects Versions: 1.3.1 > Environment: Linux > Reporter: Premchandra Preetham Kukillaya > > It seems like while pointing JDBC/ODBC Driver to Spark SQLThrift Service ,the > Hive's security feature SQL based authorisation is not working. It ignores > the security settings passed through the command line. The arguments for > command line is given below for reference > The problem is user X can do select on table belonging to user Y, though > permission for table is explicitly defined and its a data security risk. > I am using Hive .13.1 and Spark 1.3.1 and here is the list arguments passed > to Spark SQL Thrift Server. > ./start-thriftserver.sh --hiveconf hive.server2.thrift.port=10001 --hiveconf > xxxxhostname.compute.amazonaws.com --hiveconf > hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator > --hiveconf > hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory > --hiveconf hive.server2.enable.doAs=false --hiveconf > hive.security.authorization.enabled=true --hiveconf > javax.jdo.option.ConnectionURL=jdbc:mysql://localhost:3306/hive?createDatabaseIfNotExist=true > --hiveconf javax.jdo.option.ConnectionDriverName=com.mysql.jdbc.Driver > --hiveconf javax.jdo.option.ConnectionUserName=hive --hiveconf > javax.jdo.option.ConnectionPassword=hive -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org For additional commands, e-mail: issues-h...@spark.apache.org