I've set up Ranger on my cluster to enforce permissions on databases. It works fantastically with ODBC connections. However, I also have a PySpark kernel for Jupyter Notebook running on the server, which completely bypasses any policies I apply: by calling HiveContext, any user can access any database regardless of the permissions I set up in Ranger's Hive plugin.
Hive authorization is my primary goal, but locking down SparkContext access from my Jupyter Notebook would be invaluable as well. Any pointers on how to set this up correctly are highly appreciated.
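For context, my understanding (an assumption, not confirmed behavior on every stack) is that Spark's HiveContext only uses the metastore for schemas and then reads the warehouse files directly from HDFS, so HiveServer2-level Ranger Hive policies never come into play. That would mean the data has to be protected at the HDFS layer instead. A quick way to see what Spark users can actually reach, assuming the HDP-default warehouse path `/apps/hive/warehouse`, would be something like:

```
# Run on the cluster as one of the affected users.
# Path is the HDP default; adjust if your warehouse lives elsewhere.
hdfs dfs -ls /apps/hive/warehouse
hdfs dfs -cat /apps/hive/warehouse/somedb.db/sometable/000000_0
```

If the second command succeeds for a user who is denied in the Ranger Hive policy, that would confirm the bypass happens at the filesystem level, not in Hive.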
Thank you @Sandeep Nemuri for your tips. However, I went over to my Ranger HDFS policies and saw that the users currently do not have direct access to the Hive warehouse directory. As far as I understand, the default is to deny everything unless an explicit allow policy exists, isn't it?
Do I have to modify this policy?
I think POSIX permissions are most likely what's bypassing this. I'll give it a try and let you know.
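If I've understood the docs correctly, the Ranger HDFS plugin falls back to the native HDFS POSIX/ACL check whenever no Ranger policy matches, so a "no policy = deny" assumption doesn't hold for HDFS. That fallback is controlled by a property in `ranger-hdfs-security.xml` (shown here as a sketch of what I plan to check, with the default value):

```
<!-- ranger-hdfs-security.xml -->
<!-- When true (the default), requests not covered by any Ranger policy
     fall through to the normal HDFS POSIX permission / ACL check. -->
<property>
  <name>xasecure.add-hadoop-authorization</name>
  <value>true</value>
</property>
```

So even with no allow policy, a world-readable `/apps/hive/warehouse` would still be readable through Spark.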
Since then I have spotted another problem, this time with group-based policies in Ranger.
It appears that users' group memberships are not being honored for us: allowing a group that the user is a member of does not grant access. I've tried setting a Hive group-based policy (authenticated with LDAP), but none of them seem to work, while user-based policies work flawlessly. Am I missing anything?
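My working theory (an assumption, not verified on our cluster yet) is that Ranger evaluates group policies against the groups *it* has resolved for the user, via UserSync or the Hadoop group mapping, not against LDAP directly at query time. So if the sync never pulled the membership, a group policy fails even though the user really is in the group in LDAP. A toy sketch of that evaluation logic (not Ranger's actual code; all names here are hypothetical):

```python
def is_allowed(user, policy_groups, synced_groups):
    """Grant access only if one of the user's *synced* groups
    appears in the policy's allowed groups."""
    user_groups = synced_groups.get(user, set())
    return bool(user_groups & policy_groups)

# A policy allows the LDAP group "analysts" on some database.
policy_groups = {"analysts"}

# Case 1: group sync has the membership -> access granted.
synced = {"alice": {"analysts", "staff"}}
print(is_allowed("alice", policy_groups, synced))        # True

# Case 2: LDAP says alice is an analyst, but the membership was
# never synced, so the group policy silently fails for her.
synced_stale = {"alice": {"staff"}}
print(is_allowed("alice", policy_groups, synced_stale))  # False
```

If that theory is right, the thing to check would be what groups the cluster actually resolves for an affected user (e.g. `hdfs groups alice` on a node) and whether Ranger UserSync is configured to pull group memberships from LDAP, not just users.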