[jira] [Comment Edited] (HIVE-19747) "GRANT ALL TO USER" failed with NullPointerException
[
https://issues.apache.org/jira/browse/HIVE-19747?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16619800#comment-16619800
]
Alice Fan edited comment on HIVE-19747 at 9/18/18 10:12 PM:
[~aihuaxu],
This will not throw exception if set the following 2 parameters are set, right?
{code:java}
set hive.security.authorization.enabled=true;
set
hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator;
{code}
was (Author: afan):
[~aihuaxu],
This will not throw exception if set the following 2 parameters are set, right?
set hive.security.authorization.enabled=true;
set
hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator;
> "GRANT ALL TO USER" failed with NullPointerException
>
>
> Key: HIVE-19747
> URL: https://issues.apache.org/jira/browse/HIVE-19747
> Project: Hive
> Issue Type: Bug
> Components: Authorization
>Affects Versions: 2.1.0
>Reporter: Aihua Xu
>Priority: Minor
>
> If you issue the command
> {code:sql}
> grant all to user abc
> {code}
> you will see the following NPE exception. Seems the type in hivePrivObject is
> not initialized.
> {noformat}
> FAILED: Execution Error, return code 1 from
> org.apache.hadoop.hive.ql.exec.DDLTask. java.lang.NullPointerException
> at
> org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLAuthorizationUtils.isOwner(SQLAuthorizationUtils.java:265)
> at
> org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLAuthorizationUtils.getPrivilegesFromMetaStore(SQLAuthorizationUtils.java:212)
> at
> org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.GrantPrivAuthUtils.checkRequiredPrivileges(GrantPrivAuthUtils.java:64)
> at
> org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.GrantPrivAuthUtils.authorize(GrantPrivAuthUtils.java:50)
> at
> org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAccessController.grantPrivileges(SQLStdHiveAccessController.java:179)
> at
> org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAccessControllerWrapper.grantPrivileges(SQLStdHiveAccessControllerWrapper.java:70)
> at
> org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthorizerImpl.grantPrivileges(HiveAuthorizerImpl.java:48)
> at
> org.apache.hadoop.hive.ql.exec.DDLTask.grantOrRevokePrivileges(DDLTask.java:1123
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Comment Edited] (HIVE-19747) "GRANT ALL TO USER" failed with NullPointerException
[
https://issues.apache.org/jira/browse/HIVE-19747?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16619800#comment-16619800
]
Alice Fan edited comment on HIVE-19747 at 9/18/18 10:12 PM:
[~aihuaxu],
This will not throw exception if set the following 2 parameters are set, right?
{code:java}
hive.security.authorization.enabled=true;
hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator;
{code}
was (Author: afan):
[~aihuaxu],
This will not throw exception if set the following 2 parameters are set, right?
{code:java}
set hive.security.authorization.enabled=true;
set
hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator;
{code}
> "GRANT ALL TO USER" failed with NullPointerException
>
>
> Key: HIVE-19747
> URL: https://issues.apache.org/jira/browse/HIVE-19747
> Project: Hive
> Issue Type: Bug
> Components: Authorization
>Affects Versions: 2.1.0
>Reporter: Aihua Xu
>Priority: Minor
>
> If you issue the command
> {code:sql}
> grant all to user abc
> {code}
> you will see the following NPE exception. Seems the type in hivePrivObject is
> not initialized.
> {noformat}
> FAILED: Execution Error, return code 1 from
> org.apache.hadoop.hive.ql.exec.DDLTask. java.lang.NullPointerException
> at
> org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLAuthorizationUtils.isOwner(SQLAuthorizationUtils.java:265)
> at
> org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLAuthorizationUtils.getPrivilegesFromMetaStore(SQLAuthorizationUtils.java:212)
> at
> org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.GrantPrivAuthUtils.checkRequiredPrivileges(GrantPrivAuthUtils.java:64)
> at
> org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.GrantPrivAuthUtils.authorize(GrantPrivAuthUtils.java:50)
> at
> org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAccessController.grantPrivileges(SQLStdHiveAccessController.java:179)
> at
> org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAccessControllerWrapper.grantPrivileges(SQLStdHiveAccessControllerWrapper.java:70)
> at
> org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthorizerImpl.grantPrivileges(HiveAuthorizerImpl.java:48)
> at
> org.apache.hadoop.hive.ql.exec.DDLTask.grantOrRevokePrivileges(DDLTask.java:1123
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Comment Edited] (HIVE-19747) "GRANT ALL TO USER" failed with NullPointerException
[
https://issues.apache.org/jira/browse/HIVE-19747?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16497013#comment-16497013
]
Aihua Xu edited comment on HIVE-19747 at 5/31/18 10:22 PM:
---
Thanks [~Rajkumar Singh] . I'm checking the syntax here
https://cwiki.apache.org/confluence/display/Hive/SQL+Standard+Based+Hive+Authorization
{noformat}
GRANT role_name [, role_name] ...
TO principal_specification [, principal_specification] ...
[ WITH ADMIN OPTION ];
principal_specification
: USER user
| ROLE role
{noformat}
and also in authorization_8.q qfile,
{noformat}
set
hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
set hive.security.authorization.enabled=true;
GRANT ALL TO USER hive_test_user;
{noformat}
Do we support such syntax? Should we give syntax error for {{grant all to user
abc}} then?
was (Author: aihuaxu):
Thanks [~Rajkumar Singh] . I'm checking the syntax here
https://cwiki.apache.org/confluence/display/Hive/SQL+Standard+Based+Hive+Authorization
{noformat}
GRANT role_name [, role_name] ...
TO principal_specification [, principal_specification] ...
[ WITH ADMIN OPTION ];
principal_specification
: USER user
| ROLE role
{noformat}
and also in authorization_8.q qfile,
{noformat}
set
hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider;
set hive.security.authorization.enabled=true;
GRANT ALL TO USER hive_test_user;
{noformat}
Do we support such syntax? Should we give syntax error for {{grant all to user
abc}} then?
In the qtest qu
> "GRANT ALL TO USER" failed with NullPointerException
>
>
> Key: HIVE-19747
> URL: https://issues.apache.org/jira/browse/HIVE-19747
> Project: Hive
> Issue Type: Bug
> Components: Authorization
>Affects Versions: 2.1.0
>Reporter: Aihua Xu
>Priority: Minor
>
> If you issue the command 'grant all to user abc', you will see the following
> NPE exception. Seems the type in hivePrivObject is not initialized.
> {noformat}
> FAILED: Execution Error, return code 1 from
> org.apache.hadoop.hive.ql.exec.DDLTask. java.lang.NullPointerException
> at
> org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLAuthorizationUtils.isOwner(SQLAuthorizationUtils.java:265)
> at
> org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLAuthorizationUtils.getPrivilegesFromMetaStore(SQLAuthorizationUtils.java:212)
> at
> org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.GrantPrivAuthUtils.checkRequiredPrivileges(GrantPrivAuthUtils.java:64)
> at
> org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.GrantPrivAuthUtils.authorize(GrantPrivAuthUtils.java:50)
> at
> org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAccessController.grantPrivileges(SQLStdHiveAccessController.java:179)
> at
> org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAccessControllerWrapper.grantPrivileges(SQLStdHiveAccessControllerWrapper.java:70)
> at
> org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthorizerImpl.grantPrivileges(HiveAuthorizerImpl.java:48)
> at
> org.apache.hadoop.hive.ql.exec.DDLTask.grantOrRevokePrivileges(DDLTask.java:1123
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
