THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
Hive Authorization
Table of Contents |
---|
...
To enable Hive metastore server security, set these parameters in hive-site.xml
:
hive.metastore.pre.event.listeners –
– Set to toorg.apache.hadoop.hive.ql.security.authorization.AuthorizationPreEventListener
. This turns on Metastoremetastore-side security.hive.security.metastore.authorization.manager
– Set toorg.apache.hadoop.hive.ql.security.authorization.DefaultHiveMetastoreAuthorizationProvider
. This tells hive Hive which metastore-side authorization provider to use. TheDefaultHiveMetastoreAuthorizationProvider
implements the standard hive Hive grant/revoke model. To use a hdfs an HDFS permission-based model to do your authorization, you can useorg.apache.hadoop.hive.ql.security.authorization.StorageBasedAuthorizationProvider
instead.hive.security.metastore.authenticator.manager
– Set toorg.apache.hadoop.hive.ql.security.HadoopDefaultMetastoreAuthenticator
.
The snippet below shows the keys as they are in a default state in hive-site.xml
(metastore-side auth security set up to use the default authorization/authentication, but disabled). Please edit in information as above to get the desired authorization behaviour:
...