[
https://issues.apache.org/jira/browse/HIVE-7193?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Naveen Gangam updated HIVE-7193:
--------------------------------
Attachment: LDAPAuthentication_Design_Doc_V2.docx
Attached is an updated doc with the new design. The goal of the design is not
only to make LDAP Authenticator more feature-rich, but to also make it generic
enough to make it work with all LDAP implementations available while keeping
the number of parameters to be configured to a small set. When needed, code
made assumptions based on popular implementations but also provided a safety
valve (customQuery) that will get around this assumption.
Please provide feedback. Thanks
> Hive should support additional LDAP authentication parameters
> -------------------------------------------------------------
>
> Key: HIVE-7193
> URL: https://issues.apache.org/jira/browse/HIVE-7193
> Project: Hive
> Issue Type: Bug
> Affects Versions: 0.10.0
> Reporter: Mala Chikka Kempanna
> Assignee: Naveen Gangam
> Attachments: HIVE-7193.patch, LDAPAuthentication_Design_Doc.docx,
> LDAPAuthentication_Design_Doc_V2.docx
>
>
> Currently hive has only following authenticator parameters for LDAP
> authentication for hiveserver2.
> <property>
> <name>hive.server2.authentication</name>
> <value>LDAP</value>
> </property>
> <property>
> <name>hive.server2.authentication.ldap.url</name>
> <value>ldap://our_ldap_address</value>
> </property>
> We need to include other LDAP properties as part of hive-LDAP authentication
> like below
> a group search base -> dc=domain,dc=com
> a group search filter -> member={0}
> a user search base -> dc=domain,dc=com
> a user search filter -> sAMAAccountName={0}
> a list of valid user groups -> group1,group2,group3
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
