[
https://issues.apache.org/jira/browse/HIVE-17606?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16184668#comment-16184668
]
Thejas M Nair commented on HIVE-17606:
--------------------------------------
{code}
try {
+ rsp = metaStoreClient.getNextNotification(firstEventId, 0, null);
+ assertEquals(1, rsp.getEventsSize());
+ // Turn auth back on. That should fail the call and we do expect the
exception
+
hconf.setBoolVar(HiveConf.ConfVars.METASTORE_EVENT_DB_NOTIFICATION_API_AUTH,
true);
+ rsp = metaStoreClient.getNextNotification(firstEventId, 0, null);
+ }
{code}
In above section, if the first call to metaStoreClient.getNextNotification
throws an exception, the test would still succeed. Is that right ?
> Improve security for DB notification related APIs
> -------------------------------------------------
>
> Key: HIVE-17606
> URL: https://issues.apache.org/jira/browse/HIVE-17606
> Project: Hive
> Issue Type: Improvement
> Components: Metastore
> Reporter: Tao Li
> Assignee: Tao Li
> Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch,
> HIVE-17606.3.patch, HIVE-17606.4.patch, HIVE-17606.5.patch,
> HIVE-17606.6.patch, HIVE-17606.7.patch, HIVE-17606.8.patch, HIVE-17606.9.patch
>
>
> The purpose is to make sure only the superusers which are specified in the
> proxyuser settings can make the db notification related API calls, since this
> is supposed to be called by superuser/admin instead of any end user.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
