Support Questions
Find answers, ask questions, and share your expertise

Hive metastore authorization

Solved Go to solution
Highlighted

Hive metastore authorization

Contributor

This is NOT about HiveServer2, but only on Hive metastore. Do we have only two choices on Hive metastore property hive.security.metastore.authorization.manager?

  1. StorageBasedAuthorizationProvider
  2. DefaultHiveMetastoreAuthorizationProvider
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Re: Hive metastore authorization

Super Guru

@ScipioTheYounger I would say only one type of authorization is available for metastore and it is the Storage based. The second one is pretty useless. It's the legacy one and it allows users to grant themselves whatever permissions they want.

View solution in original post

2 REPLIES 2
Highlighted

Re: Hive metastore authorization

Super Guru

@ScipioTheYounger I would say only one type of authorization is available for metastore and it is the Storage based. The second one is pretty useless. It's the legacy one and it allows users to grant themselves whatever permissions they want.

View solution in original post

Re: Hive metastore authorization

Hi @ScipioTheYounger

Yes - you are correct (StorageBasedAuthorizationProvider and DefaultHiveMetastoreAuthorizationProvider) are the two provided https://cwiki.apache.org/confluence/display/Hive/Storage+Based+Authorization+in+the+Metastore+Server

DefaultHiveMetastoreAuthorizationProvider = Hive's grant/revoke model

StorageBasedAuthorizationProvider = HDFS permission based model (which is recommended on the apache website)

More info here on configuring for the storage-based model https://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.4.2/bk_Sys_Admin_Guides/content/ref-5422cb60-d1...

Don't have an account?