This is the documentation for CDH 4.7.1.
Documentation for other versions is available at Cloudera Documentation.

Hive Security Configuration

Here is a summary of the status of Hive security in CDH4:

  • Sentry enables role-based, fine-grained authorization for HiveServer2. See Configuring Sentry.
  • HiveServer2 supports authentication of the Thrift client using Kerberos or user/password validation backed by LDAP. For configuration instructions, see HiveServer2 Security Configuration.
  • Earlier versions of HiveServer do not support Kerberos authentication for clients. However, the Hive MetaStoreServer does support Kerberos authentication for Thrift clients. For configuration instructions, see Hive MetaStoreServer Security Configuration.

See also: Using Hive to Run Queries on a Secure HBase Server