sentry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mohit Sabharwal (JIRA)" <j...@apache.org>
Subject [jira] [Created] (SENTRY-20) Sentry should throw an exception if testing.mode is not set on non-secure cluster
Date Mon, 23 Sep 2013 21:29:02 GMT
Mohit Sabharwal created SENTRY-20:
-------------------------------------

             Summary: Sentry should throw an exception if testing.mode is not set on non-secure
cluster
                 Key: SENTRY-20
                 URL: https://issues.apache.org/jira/browse/SENTRY-20
             Project: Sentry
          Issue Type: Improvement
            Reporter: Mohit Sabharwal


Currently, on non-Kerberized clusters, Sentry logs an error message and proceeds to block
access for everybody for every operation.

ERROR org.apache.sentry.binding.hive.authz.HiveAuthzBinding: HiveServer2 authentication method
cannot be set to none unless testing mode is enabled

When operations fail, it's not clear if it's unhappy because the policy file is not parse-able,
it's a policy file permission issue, or if it doesn't like non-Kerberos clusters.

The error message is followed by bunch of auth failure exceptions, so it's hard to see this
error message. It should throw an exception instead.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message