THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
Hive Authorization
Table of Contents |
---|
Introduction
Hive provides multiple ways to authorize users:
- Client authorization (default Hive authorization)
- Metastore server security (storage-based authorization)
- SQL standards based authorization (introduced in Hive 0.13.0)
Hive Client Authorization
This section describes Hive security using the basic authorization scheme, which regulates access to Hive metadata on the client side. Starting with Hive release 0.10, additional security measures can be enabled to regulate access on the metastore side, as described in Metastore Server Security below.
...
No Format |
---|
<property> <name>hive.security.metastore.authorization.manager</name> <value>org.apache.hadoop.hive.ql.security.authorization.DefaultHiveMetastoreAuthorizationProvider</value> <description>authorization manager class name to be used in the metastore for authorization. The user defined authorization class should implement interface org.apache.hadoop.hive.ql.security.authorization.HiveMetastoreAuthorizationProvider. </description> </property> <property> <name>hive.security.metastore.authenticator.manager</name> <value>org.apache.hadoop.hive.ql.security.HadoopDefaultMetastoreAuthenticator</value> <description>authenticator manager class name to be used in the metastore for authentication. The user defined authenticator should implement interface org.apache.hadoop.hive.ql.security.HiveAuthenticationProvider. </description> </property> <property> <name>hive.metastore.pre.event.listeners</name> <value> </value> <description>pre-event listener classes to be loaded on the metastore side to run code whenever databases, tables, and partitions are created, altered, or dropped. Set to org.apache.hadoop.hive.ql.security.authorization.AuthorizationPreEventListener if metastore-side authorization is desired. </description> </property> |
SQL Standards Based Authorization
Hive release 0.13.0 introduced authorization based on SQL standards. See SQL Standard Based Hive Authorization for details.