[jira] [Commented] (HIVE-5402) StorageBasedAuthorizationProvider is not correctly able to determine that it is running from client-side

[Sushanth Sowmyan (JIRA)]

    [ 
https://issues.apache.org/jira/browse/HIVE-5402?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13786774#comment-13786774
 ] 

Sushanth Sowmyan commented on HIVE-5402:
----------------------------------------

We do have an issue on how to do authorization, and we need to know whether 
we're called from ql, in which case we have a Hive or if we're called from the 
metastore, in which case we do not have a Hive, but we do have a 
HiveMetaStoreHandler. There is a class called HiveProxy that tries to 
common-alize this behaviour, but to instantiate it, we need to know whether 
we're being instantiated from the Metastore or ql. We could solve this by 
having two separate classes, and the original intent of SBAP was to work from 
the metastore, but that is unnecessary duplication.

The one other change that I could consider from your request is that for client 
side auth also, we would run through a local metastore, and thus, we could do 
the authorization from there itself. I would also agree with that approach, 
although that requires some beefing up first. That, however, would be another 
redesign if we wanted to pursue that.

Also, getConf() returns Configuration because the HiveAuthorizationProvider 
implements Configurable, and we use a hadoop interface in the process. That 
would be broadening the scope significantly, and if you want to go around 
changing Configurable to HiveConfigurable all over the place, that should again 
be a different task to undertake. :)


> StorageBasedAuthorizationProvider is not correctly able to determine that it 
> is running from client-side
> --------------------------------------------------------------------------------------------------------
>
>                 Key: HIVE-5402
>                 URL: https://issues.apache.org/jira/browse/HIVE-5402
>             Project: Hive
>          Issue Type: Bug
>          Components: Authorization
>            Reporter: Sushanth Sowmyan
>            Assignee: Sushanth Sowmyan
>         Attachments: HIVE-5402.2.patch, HIVE-5402.patch
>
>
> HIVE-5048 tried to change the StorageBasedAuthorizationProvider (SBAP) so 
> that it could be run from the client side as well.
> However, there is a bug that causes SBAP to incorrectly conclude that it's 
> running from the metastore-side when it's actually running from the 
> client-side that causes it to throw a IllegalStateException claiming the 
> warehouse variable isn't set.



--
This message was sent by Atlassian JIRA
(v6.1#6144)