[
https://issues.apache.org/jira/browse/HIVE-13867?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Thejas M Nair reassigned HIVE-13867:
------------------------------------
Assignee: Thejas M Nair
> restore HiveAuthorizer interface changes
> ----------------------------------------
>
> Key: HIVE-13867
> URL: https://issues.apache.org/jira/browse/HIVE-13867
> Project: Hive
> Issue Type: Bug
> Reporter: Thejas M Nair
> Assignee: Thejas M Nair
> Priority: Blocker
>
> TLDR: Some of the changes to hive authorizer interface made as part of
> HIVE-13360 are inappropriate and need to be restored.
> Regarding the move of ip address from the query context object
> (HiveAuthzContext) to HiveAuthenticationProvider. That isn't the right place
> for it.
> In HS2 HTTP mode, when proxies and knox servers are between end user and HS2
> , every request for single session does not have to come via a single IP
> address.
> Current assumption in hive code base is that the IP address is valid for the
> entire session. This might not hold true for ever.
> A limitation in HS2 that it holds state for the session would currently force
> the user configure proxies and knox to remember which next Host it was using,
> because they need to have state to remember the HS2 instance to be used! But
> that is a limitation that ideally goes away some day, and when that happens,
> HiveAuthzContext would be the right place for keeping the IP address!
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
