You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/hdinsight/interactive-query/hdinsight-security-options-for-hive.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,7 +4,7 @@ description: Security options for Hive in Standard and ESP clusters.
4
4
ms.service: hdinsight
5
5
ms.custom: hdinsightactive
6
6
ms.topic: conceptual
7
-
ms.date: 10/02/2020
7
+
ms.date: 02/27/2023
8
8
---
9
9
10
10
# Security options for Hive in Azure HDInsight
@@ -15,20 +15,20 @@ This document describes the recommended security options for Hive in HDInsight.
15
15
16
16
## HiveServer2 authentication
17
17
18
-
For standard clusters, the recommended setting for HiveServer2 authentication is the default which is none. To enable authentication, we recommend upgrading to an [ESP](../domain-joined/hdinsight-security-overview.md) (Enterprise Security Package) cluster.
18
+
For standard clusters, the recommended setting for HiveServer2 authentication is the default, which is none. To enable authentication, we recommend upgrading to an [ESP](../domain-joined/hdinsight-security-overview.md) (Enterprise Security Package) cluster.
19
19
20
-
For ESP clusters, [Kerberos](https://web.mit.edu/Kerberos/) authentication is enabled by default. Pluggable Authentication Modules (PAM) and custom authentication schemes are not supported.
20
+
For ESP clusters, [Kerberos](https://web.mit.edu/Kerberos/) authentication is enabled by default. Pluggable Authentication Modules (PAM) and custom authentication schemes aren't supported.
21
21
22
22
## HiveServer2 authorization
23
23
24
-
For standard clusters, the default setting is None. [SqlStdAuth (SQL Standards Based Authorization)](https://cwiki.apache.org/confluence/display/Hive/SQL+Standard+based+hive+authorization) can be enabled. Authorization through [Apache Ranger](https://ranger.apache.org/)is not supported for standard clusters. We recommend upgrading to an ESP cluster for Ranger Authorization.
24
+
For standard clusters, the default setting is None. [SqlStdAuth (SQL Standards Based Authorization)](https://cwiki.apache.org/confluence/display/Hive/SQL+Standard+based+hive+authorization) can be enabled. Authorization through [Apache Ranger](https://ranger.apache.org/)isn't supported for standard clusters. We recommend upgrading to an ESP cluster for Ranger Authorization.
25
25
26
26
For ESP clusters, authorization through Ranger is enabled by default.
27
27
28
28
29
29
## SSL Encryption for HiveServer2
30
30
31
-
Enabling Hiveserver2 SSL is not recommended for either standard or ESP clusters. SSL is enabled on the gateway instead. [Encryption in transit](../domain-joined/encryption-in-transit.md) can be enabled to encrypt communications among the cluster nodes using [Internet Protocol Security (IPSec)](https://en.wikipedia.org/wiki/IPsec).
31
+
Enabling Hiveserver2 SSL isn't recommended for either standard or ESP clusters. SSL is enabled on the gateway instead. [Encryption in transit](../domain-joined/encryption-in-transit.md) can be enabled to encrypt communications among the cluster nodes using [Internet Protocol Security (IPSec)](https://en.wikipedia.org/wiki/IPsec).
0 commit comments