On Mon, Jul 12, 2010 at 12:45 PM, Viraj Bhat <[email protected]> wrote: > Hi all, > > I have recently connected Hive with MySQL (as a metastore) from my admin > account. > > http://wiki.apache.org/hadoop/Hive/AdminManual/MetastoreAdmin > > If all users use my hive-site.xml, all of them have access to all the tables > created by Hive. They can either delete or create tables with no access > control between the tables? > > How do we establish this access control between users in an organization > accessing the Hive metastore? > > a) Does it require having a MySQL/Oracle account one per user? > > b) Does it require installing Thrift server? > > Any thoughts would be appreciated. > > Viraj
There are two hive tickets opened for Authorization and and Authentication with Hive. At one point I had them they moved on to someone else, but they have not been updated in a while. https://issues.apache.org/jira/browse/HIVE-78 They can not be truly enforced until the upstream hadoop kerberos work is done, however it can be implemented. If we get hive-78, replication, and the Cassandra storage handler in by the 7.0 release I will be a very happy. So if you are interested in hive-78 you can probably take that issue over. I will not even start on it until I get the cassandra storage handler going. Edward
