Kai Zheng created HIVE-3807:
-------------------------------
Summary: Hive authorization should use short username when
Kerberos authentication
Key: HIVE-3807
URL: https://issues.apache.org/jira/browse/HIVE-3807
Project: Hive
Issue Type: Improvement
Components: Authorization
Affects Versions: 0.9.0
Reporter: Kai Zheng
Currently when authentication method is Kerberos,Hive authorization uses user
full name as privilege principal, for example, it uses j...@example.com instead
of john.
It should use the short name instead. The benefits:
1. Be consistent. Hadoop, HBase and etc they all use short name in related ACLs
or authorizations. For Hive authorization works well with them, this should be.
2. Be convenient. It's very inconvenient to use the lengthy Kerberos principal
name when grant or revoke privileges via Hive CLI.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
