hive-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David McGinnis (JIRA)" <>
Subject [jira] [Updated] (HIVE-21009) LDAP - Specify binddn for ldap-search
Date Tue, 05 Feb 2019 00:24:00 GMT


David McGinnis updated HIVE-21009:
              Labels: features newbie security  (was: )
        Release Note: 
Adds the following configuration properties for plain LDAP authentication to use a specified
bind user to connect to the server:

hive.server2.authentication.ldap.binddn - Fully qualified name of the bind user you want to
hive.server2.authentication.ldap.bindpw - The password for the bind user specified in the
parameter above. This may be contained in the configuration parameters directly, or inside
of a jceks file.

    Target Version/s: 4.0.0
              Status: Patch Available  (was: In Progress)

This change adds the ability for users to specify a single bind user which is used to connect
to LDAP to get the full user name before authenticating the user itself.

> LDAP - Specify binddn for ldap-search
> -------------------------------------
>                 Key: HIVE-21009
>                 URL:
>             Project: Hive
>          Issue Type: Bug
>          Components: HiveServer2
>    Affects Versions: 2.3.2, 2.3.1, 2.3.0, 2.2.0, 2.1.1, 2.1.0
>            Reporter: Thomas Uhren
>            Assignee: David McGinnis
>            Priority: Major
>              Labels: newbie, security, features
>         Attachments: HIVE-21009.01.patch, HIVE-21009.02.patch, HIVE-21009.patch
> When user accounts cannot do an LDAP search, there is currently no way of specifying
a custom binddn to use for the ldap-search.
> So I'm missing something like that:
> {code}
> hive.server2.authentication.ldap.bindn=cn=ldapuser,ou=user,dc=example
> hive.server2.authentication.ldap.bindnpw=password
> {code}

This message was sent by Atlassian JIRA

View raw message