Thejas M Nair created HIVE-12688:
------------------------------------
Summary: HIVE-11826 makes hive unusable in properly secured cluster
Key: HIVE-12688
URL: https://issues.apache.org/jira/browse/HIVE-12688
Project: Hive
Issue Type: Bug
Affects Versions: 1.3.0, 2.0.0
Reporter: Thejas M Nair
Assignee: Thejas M Nair
HIVE-11826 makes a change to restrict connections to metastore to users who
belong to groups under 'hadoop.proxyuser.hive.groups'.
That property was only a meant to be a hadoop property, which controls what
users the hive user can impersonate. What this change is doing is to enable use
of that to also restrict who can connect to metastore server. This is new
functionality, not a bug fix. There is value to this functionality.
However, this change makes hive unusable in a properly secured cluster. If
'hadoop.proxyuser.hive.hosts' is set to the proper set of hosts that run
Metastore and Hiveserver2 (instead of a very open "*"), then users will be able
to connect to metastore only from those hosts.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
