1. New Feature: Authorization with Grant And Revoke

Hive 0.13 provides secure authorization using the GRANT and REVOKE SQL statements. Use the following procedure to manually enable standard SQL authorization:

[Note]Note

This procedure is unnecessary if your Hive administrator installed Hive using Ambari.

  1. Set the following configuration parameters in hive-site.xml:

     

    Table 3.1. Configuration Parameters for Standard SQL Authorization

    Configuration ParameterRequired Value
    hive.server2.enable.doAsfalse
    hive.users.in.admin.roleComma-separated list of users granted the administrator role.


  2. Start HiveServer2 with the following command-line options:

     

    Table 3.2. HiveServer2 Command-Line Options

    Command-Line OptionRequired Value
    -hiveconf hive.security.authorization.managerorg.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory
    -hiveconf hive.security.authorization.enabledtrue
    -hiveconf hive.security.authenticator.managerorg.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator
    -hiveconf hive.metastore.uris' ' (a space inside single quotation marks)


[Note]Note

Hive continues to provide storage-based authorization. See Hive Authorization Without GRANT/REVOKE for more information.


loading table of contents...