Hi Team,
I am facing issues while configuring hive storage based authorization. I followed the steps mentioned in https://cwiki.apache.org/ confluence/display/Hive/Storage+Based+Authorization+in+the+Metastore+Server however still any user can create database in hive (using beeline and cli) at will though not able to delete other users databases. My hive directory permission is set to 770 (hive:hadoop).Below are the parameters that I added to hive-site.xml: hive.metastore.pre.event.listeners: org.apache.hadoop.hive.ql. security.authorization.AuthorizationPreEventListener hive.security.metastore.authorization.auth.reads: true hive.security.metastore.authenticator.manager:org.apache.hadoop.hive.ql. security.HadoopDefaultMetastoreAuthenticator hive.security.metastore.authorization.manager: org.apache.hadoop.hive.ql. security.authorization.StorageBasedAuthorizationProvider hive.metastore.execute.setugi: true hive.server2.enable.doAs:true hive version: 1.2.1 Hadoop version: 2.7.3 My understanding was only those users having write access to /user/hive/warehouse should be able to create the database. Please suggest. I also found one similar question https://stackoverflow.com/ questions/43734947/does-the-storage-based-authorization- or-sql-standards-based-hive-authorization-w?rq=1 where the default authorization is not working as expected. Request you to provide your inputs on the same. Thanks, Vijay
