sentry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shreepadma Venugopalan (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (SENTRY-20) Sentry should throw an exception if testing.mode is not set on non-secure cluster
Date Tue, 24 Sep 2013 00:49:02 GMT

     [ https://issues.apache.org/jira/browse/SENTRY-20?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Shreepadma Venugopalan updated SENTRY-20:
-----------------------------------------

    Attachment: SENTRY-20.patch
    
> Sentry should throw an exception if testing.mode is not set on non-secure cluster
> ---------------------------------------------------------------------------------
>
>                 Key: SENTRY-20
>                 URL: https://issues.apache.org/jira/browse/SENTRY-20
>             Project: Sentry
>          Issue Type: Improvement
>            Reporter: Mohit Sabharwal
>            Assignee: Shreepadma Venugopalan
>         Attachments: SENTRY-20.patch
>
>
> Currently, on non-Kerberized clusters, Sentry logs an error message and proceeds to block
access for everybody for every operation.
> ERROR org.apache.sentry.binding.hive.authz.HiveAuthzBinding: HiveServer2 authentication
method cannot be set to none unless testing mode is enabled
> When operations fail, it's not clear if it's unhappy because the policy file is not parse-able,
it's a policy file permission issue, or if it doesn't like non-Kerberos clusters.
> The error message is followed by bunch of auth failure exceptions, so it's hard to see
this error message. It should throw an exception instead.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message