Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature][taier-data-develop] hiveserver&sparkThriftserver链接方式增加权限隔离 #1146

Open
3 tasks done
feelshana opened this issue Dec 6, 2023 · 1 comment
Open
3 tasks done

[Feature][taier-data-develop] hiveserver&sparkThriftserver链接方式增加权限隔离 #1146

feelshana opened this issue Dec 6, 2023 · 1 comment
Labels
feature New feature

Comments

@feelshana
Copy link
Contributor

Search before asking

  • I had searched in the issues and found no similar feature requirement.

Description

目前的hive/spark-thriftserver数据源非krb方式,通过配置的数据源进行任务提交存在权限问题:
1.配置用户时,数据源被不同用户使用时候变成同一用户(配置用户),
2.如果不配置用户,会变成匿名用户,没有权限
建议通过配置用户进行链接测试,提交任务时通过hive代理用户来进行权限隔离;hive.server2.proxy.user对于hiveServer2与sparkThriftserver2都适用

Use case

client的数据源url配置中增加hive.server2.proxy.use为当前登录用户

Related issues

No response

Are you willing to submit a PR?

  • Yes I am willing to submit a PR!

Code of Conduct
@vainhope
Copy link
Collaborator

taier用户需要和ldap信息打通 来实现proxy用户隔离

@vainhope vainhope added the feature New feature label Mar 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature New feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@feelshana @vainhope