[ https://issues.apache.org/jira/browse/HIVE-3719?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ashutosh Chauhan updated HIVE-3719: ----------------------------------- Assignee: Yu Gao > Improve HiveServer to support username/password authentication > -------------------------------------------------------------- > > Key: HIVE-3719 > URL: https://issues.apache.org/jira/browse/HIVE-3719 > Project: Hive > Issue Type: Improvement > Components: Authentication, JDBC > Affects Versions: 0.9.0 > Reporter: Yu Gao > Assignee: Yu Gao > Labels: security > > The current HiveServer implementation (call it HiveServer version 1 to > distinguish it from HIveServer2 that is under development currently) does not > have any authentication mechanism against connecting clients, which means > anyone can access it, e.g. through Hive JDBC driver, without any security > control. The user and password property are simply ignored by Hive JDBC > driver and never get to HiveServer1. > It would be good to introduce authentication infrastructure to HiveServer 1, > and improve JDBC driver implementation as well to support this, so that > together with the existing authorization infrastructure, for applications > that want to access HiveServer1 via JDBC driver, connections and operations > are under security control. > Although there's HiveServer2 that has been under implementation for a while, > this improvement for HiveServer1 is very necessary to fill the big security > hole, and would benefit applications a lot that are using HiveServer1. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira