ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kent Yao (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (RANGER-2128) Implement SparkSQL plugin
Date Mon, 16 Jul 2018 06:41:00 GMT

    [ https://issues.apache.org/jira/browse/RANGER-2128?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16544855#comment-16544855
] 

Kent Yao commented on RANGER-2128:
----------------------------------

My env is a fully kerberized cluster, and I ran thrift server with spark2.3.1(built-in hive)
 on yarn against Apache Hadoop2.7.3/Hive Metastore Server2.1/ranger0.5.3-rc3

With the below secure options
{code:java}
hive.security.authorization.manager=org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizerFactory
hive.security.metastore.authenticator.manager=org.apache.hadoop.hive.ql.security.HadoopDefaultMetastoreAuthenticator
hive.security.metastore.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.StorageBasedAuthorizationProvider
hive.server2.authentication=KERBEROS
hive.server2.enable.doAs=false
{code}

Only works for single user who start the server, fails to switch user

The exception is related to the thrift server do "use:database" action during opening session,
which will call sparksession.sql("use default"), AFAIK once it is executed the Isolated Hive
classloader will be turned off




> Implement SparkSQL plugin
> -------------------------
>
>                 Key: RANGER-2128
>                 URL: https://issues.apache.org/jira/browse/RANGER-2128
>             Project: Ranger
>          Issue Type: New Feature
>          Components: plugins, Ranger
>    Affects Versions: 1.1.0
>            Reporter: t oo
>            Assignee: Kent Yao
>            Priority: Major
>             Fix For: 2.0.0
>
>         Attachments: support_ranger11.tgz
>
>
> Implement SparkSQL plugin



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message