[ https://issues.apache.org/jira/browse/HIVE-12429?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Daniel Dai updated HIVE-12429: ------------------------------ Attachment: HIVE-12429.17.patch Attach patch based on [~sushanth]'s review comments. Actually throwing exception will cause usability issue. Since the default authorizer is now SBAP. If we don't define otherwise in hive-site.xml, metastore will throw exception. That will force user to define a separate hive-site.xml for metastore. Returning false and issue a message would be better. > Switch default Hive authorization to SQLStandardAuth in 2.0 > ----------------------------------------------------------- > > Key: HIVE-12429 > URL: https://issues.apache.org/jira/browse/HIVE-12429 > Project: Hive > Issue Type: Task > Components: Authorization, Security > Affects Versions: 2.0.0 > Reporter: Alan Gates > Assignee: Daniel Dai > Attachments: HIVE-12429.1.patch, HIVE-12429.10.patch, > HIVE-12429.11.patch, HIVE-12429.12.patch, HIVE-12429.13.patch, > HIVE-12429.14.patch, HIVE-12429.15.patch, HIVE-12429.16.patch, > HIVE-12429.17.patch, HIVE-12429.2.patch, HIVE-12429.3.patch, > HIVE-12429.4.patch, HIVE-12429.5.patch, HIVE-12429.6.patch, > HIVE-12429.7.patch, HIVE-12429.8.patch, HIVE-12429.9.patch > > > Hive's default authorization is not real security, as it does not secure a > number of features and anyone can grant access to any object to any user. We > should switch the default to SQLStandardAuth, which provides real > authentication. > As this is a backwards incompatible change this was hard to do previously, > but 2.0 gives us a place to do this type of change. > By default authorization will still be off, as there are a few other things > to set when turning on authorization (such as the list of admin users). -- This message was sent by Atlassian JIRA (v6.3.4#6332)