Authorization configuration parameters

Understanding key authorization parameter descriptions help you configure storage-based authorization correctly.

Table 1. Authorization Parameters in hive-site.xml
Configuration Property	Description
`hive.security.authorization.enabled`	Enables or disables Hive client authorization done as part of query compilation. This property must be set to `false` in the hive-site.xml file for storage-based authorization, as it is already enabled via checks on metastore API calls.
`hive.server2.enable.doAs`	Allows Hive queries to be run by the user who submits the query rather than the Hive user. Must be set to `true` for storage-based access.
`hive.metastore.pre.event.listeners`	Enables Metastore security. Specify the following value: `org.apache.hadoop.hive.ql.security.authorization.` `AuthorizationPreEventListener`.
`hive.security.metastore.authorization.manager`	The class name of the Hive Metastore authorization manager. Specify the following value for storage-based authorization: `org.apache.hadoop.hive.ql.security.authorization.` `StorageBasedAuthorizationProvider`.