[ https://issues.apache.org/jira/browse/RANGER-2128?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16544855#comment-16544855 ]
Kent Yao commented on RANGER-2128: ---------------------------------- My env is a fully kerberized cluster, and I ran thrift server with spark2.3.1(built-in hive) on yarn against Apache Hadoop2.7.3/Hive Metastore Server2.1/ranger0.5.3-rc3 With the below secure options {code:java} hive.security.authorization.manager=org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizerFactory hive.security.metastore.authenticator.manager=org.apache.hadoop.hive.ql.security.HadoopDefaultMetastoreAuthenticator hive.security.metastore.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.StorageBasedAuthorizationProvider hive.server2.authentication=KERBEROS hive.server2.enable.doAs=false {code} Only works for single user who start the server, fails to switch user The exception is related to the thrift server do "use:database" action during opening session, which will call sparksession.sql("use default"), AFAIK once it is executed the Isolated Hive classloader will be turned off > Implement SparkSQL plugin > ------------------------- > > Key: RANGER-2128 > URL: https://issues.apache.org/jira/browse/RANGER-2128 > Project: Ranger > Issue Type: New Feature > Components: plugins, Ranger > Affects Versions: 1.1.0 > Reporter: t oo > Assignee: Kent Yao > Priority: Major > Fix For: 2.0.0 > > Attachments: support_ranger11.tgz > > > Implement SparkSQL plugin -- This message was sent by Atlassian JIRA (v7.6.3#76005)