...
HiveServer2 supports Anonymous (no authentication) with and without SASL, Kerberos (GSSAPI), pass through LDAP, Pluggable Custom Authentication and Pluggable Authentication Modules (PAM, supported Hive 0.13 onwards).
Configuration
Panel |
---|
Authentication mode: hive.server2.authentication – Authentication mode, default NONE. Options are NONE ( Usesuses plain SASL), NOSASL, KERBEROS, LDAP, PAM and CUSTOM. Set following for KERBEROS mode: hive.server2.authentication.kerberos.principal – Kerberos principal for server. hive.server2.authentication.kerberos.keytab – Keytab for server principal. Set following for LDAP mode: hive.server2.authentication.ldap.url – LDAP URL .( eg.for example, ldap://hostname.com:389). hive.server2.authentication.ldap.baseDN – LDAP base DN. (Optional for AD.) See User and Group Filter Support with LDAP Atn Provider in HiveServer2 for other LDAP configuration parameters in Hive 1.3.0 and later. Set following for CUSTOM mode: hive.server2.custom.authentication.class – Custom authentication class that implements the For PAM mode, see details in section on PAM below. |
Impersonation
By default HiveServer2 performs the query processing as the user who submitted the query. But if the following parameter is set to false, the query will run as the user that the hiveserver2
process runs as.
...