ding an on prem data warehouse with a custom s3 gateway as
>> storage backend. I was able to deploy a standalone Hive Metastore Server
>> (HMS) secured by kerberos however now I'm having a hard time figuring out
>> how to manage authorization.
>>
>> It seems to me that
time figuring out how to
> manage authorization.
>
> It seems to me that the storage based authorization layer is not
> compatible with s3a since hadoop reports just stub permissions for such
> "fs". On the other hand SQL Standards Based Authorization would force me
>
Hi,
I'm building an on prem data warehouse with a custom s3 gateway as storage
backend. I was able to deploy a standalone Hive Metastore Server (HMS)
secured by kerberos however now I'm having a hard time figuring out how to
manage authorization.
It seems to me that the storage based
as only able to create database. However that works without
> even enabling the hive storage based authorization. So not sure how hive
> storage base authorization will provided additional security. Definitely I
> am missing something.
>
> Please suggest.
>
> Thanks,
> Vij
databases.
>
> One thing I observer was the dfs.permissions.enabled in hdfs-site.xml set to
> false. After setting it to true a user with required privilege on the
> warehouse dir was only able to create database. However that works without
> even enabling the hive storage based auth
privilege on the
warehouse dir was only able to create database. However that works without
even enabling the hive storage based authorization. So not sure how hive
storage base authorization will provided additional security. Definitely I
am missing something.
Please suggest.
Thanks,
Vijay
On Thu
e:
>> Is your Hadoop cluster kerberized?
>>
>>> On 9. Nov 2017, at 06:57, Vijay Toshniwal <vijay.toshni...@gmail.com> wrote:
>>>
>>> Hi Team,
>>>
>>>
>>>
>>> I am facing issues while configuring hive storage based a
cing issues while configuring hive storage based authorization. I
> followed the steps mentioned in https://cwiki.apache.org/confl
> uence/display/Hive/Storage+Based+Authorization+in+the+Metastore+Server
> however still any user can create database in hive (using beeline and cli)
> at will th
Is your Hadoop cluster kerberized?
> On 9. Nov 2017, at 06:57, Vijay Toshniwal <vijay.toshni...@gmail.com> wrote:
>
> Hi Team,
>
>
>
> I am facing issues while configuring hive storage based authorization. I
> followed the steps mentioned in
> https://cw
在 2017-11-09 13:57:03,"Vijay Toshniwal" <vijay.toshni...@gmail.com> 写道:
Hi Team,
I am facing issues while configuring hive storage based authorization. I
followed the steps mentioned in
https://cwiki.apache.org/confluence/display/Hive/Storage+Based+Authorization+in+the
Hi Team,
I am facing issues while configuring hive storage based authorization. I
followed the steps mentioned in https://cwiki.apache.org/
confluence/display/Hive/Storage+Based+Authorization+in+the+Metastore+Server
however still any user can create database in hive (using beeline and cli
Hi,
I have enabled storage based authorization in the hive metastore by adding
the following configs to hive-site:
property
namehive.security.authorization.enabled/name
valuetrue/value
/property
property
namehive.security.authorization.manager/name
Hello,
We are using Hive 0.11 and are using kerberos authentication for our
cluster.
I just tried out enabling Storage Based Authorization as described here:
https://cwiki.apache.org/confluence/display/Hive/Storage+Based+Authorization+in+the+Metastore+Server
Using the cli, I then created
Hi Team,
Per the documentation for Hive Storage based authorization in Hive, it has
2 uses:
1. Metastore side authorization
2. Client side authorization
I have some questions because after enabling client side authorization by
adding below configurations in hive-site.xml on client side, I
got
14 matches
Mail list logo
