Versions Compared

Old Version 63

changes.mady.by.user Lefty Leverenz

Saved on

compared with

New Version 64

changes.mady.by.user Lefty Leverenz

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: link Metastore Security to Authorization doc, a few edits

...

The privileges automatically granted to the owner whenever a table gets created. An example like "select,drop" will grant select and drop privilege to the owner of the table.

Hive Metastore Security

Metastore-side security was added in Hive 0.10.0 (HIVE-3705).  For more information, see Metastore Server Security in the Authorization document.

hive.metastore.pre.event.listeners
  • Default Value: (empty)
  • Added In: Hive 0.9.0 

The pre-event listener classes to be loaded on the metastore side to run code whenever databases, tables, and partitions are created, altered, or dropped. Set this configuration property to org.apache.hadoop.hive.ql.security.authorization.AuthorizationPreEventListener in hive-site.xml to turn on Hive metastore-side security.

hive.security.metastore.authorization.manager
  • Default Value: org.apache.hadoop.hive.ql.security.authorization.DefaultHiveMetastoreAuthorizationProvider
  • Added In: Hive 0.10.0 with HIVE-3705

The authorization manager class name to be used in the metastore for authorization. The user-defined authorization class should implement interface org.apache.hadoop.hive.ql.security.authorization.HiveMetastoreAuthorizationProvider.A . The DefaultHiveMetastoreAuthorizationProvider implements the standard Hive grant/revoke model. A storage-based authorization implementation is also provided to use as the value of this configuration property:

...

  • Default Value: org.apache.hadoop.hive.ql.security.HadoopDefaultMetastoreAuthenticator
  • Added In: Hive 0.10.00 with HIVE-3705

The authenticator manager class name to be used in the metastore for authentication. The user-defined authenticator class should implement interface org.apache.hadoop.hive.ql.security.HiveAuthenticationProvider.

hive.metastore.pre.event.listeners
  • Default Value: (empty)
  • Added In:

The pre-event listener classes to be loaded on the metastore side to run code whenever databases, tables, and partitions are created, altered, or dropped. Set this configuration property to org.apache.hadoop.hive.ql.security.authorization.AuthorizationPreEventListener in hive-site.xml for Hive metastore security.

SQL Standard Based Authorization

...