| <?xml version="1.0"?> |
| <?xml-stylesheet type="text/xsl" href="configuration.xsl"?> |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one or more |
| contributor license agreements. See the NOTICE file distributed with |
| this work for additional information regarding copyright ownership. |
| The ASF licenses this file to You under the Apache License, Version 2.0 |
| (the "License"); you may not use this file except in compliance with |
| the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| --> |
| |
| <!-- WARNING!!! This file is provided for documentation purposes ONLY! --> |
| <!-- WARNING!!! You should copy to sentry-site.xml and make modification instead. --> |
| |
| |
| <configuration> |
| |
| <property> |
| <name>sentry.service.security.mode</name> |
| <value>kerberos</value> |
| <description>Options: kerberos, none. Authentication mode for Sentry service. Currently supports Kerberos and trusted mode </description> |
| </property> |
| |
| <property> |
| <name>sentry.service.server.principal</name> |
| <value> </value> |
| <description>Service Kerberos principal</description> |
| </property> |
| |
| |
| <property> |
| <name>sentry.service.client.server.rpc-address</name> |
| <value> </value> |
| <description> TCP address of the sentry store server</description> |
| </property> |
| |
| <property> |
| <name>sentry.service.client.server.rpc-port</name> |
| <value> </value> |
| <description>Port # of the sentry store server</description> |
| </property> |
| |
| <property> |
| <name>sentry.service.client.server.rpc-connection-timeout</name> |
| <value>200000</value> |
| <description>Client timeout default(200000) RPC connection timeout in milisecs</description> |
| </property> |
| |
| <property> |
| <name>sentry.metastore.service.users</name> |
| <value> </value> |
| <description> |
| Comma separated list of users |
| List of service users (eg hive, impala) to bypass |
| the Sentry metastore authorization. These |
| services handle the metadata authorization |
| on their side. |
| </description> |
| </property> |
| |
| <!-- |
| Some common client properties same as file |
| based provider |
| --> |
| |
| <property> |
| <name>sentry.provider</name> |
| <value>org.apache.sentry.provider.file.HadoopGroupResourceAuthorizationProvider</value> |
| <description> Deprecated name: hive.sentry.provider. Group mapping which should be used at client side</description> |
| </property> |
| |
| <property> |
| <name>sentry.hive.server</name> |
| <value>HS2</value> |
| <description> Deprecated name: hive.sentry.server. Defaut: HS2. Hive Server2 Server identifier like "server1"</description> |
| </property> |
| |
| <property> |
| <name>sentry.hive.failure.hooks</name> |
| <value> </value> |
| <description>Deprecated Name: hive.sentry.failure.hooks</description> |
| </property> |
| |
| <property> |
| <name>sentry.hive.provider.backend</name> |
| <value>org.apache.sentry.provider.file.SimpleFileProviderBackend</value> |
| <description> Options: {org.apache.sentry.provider.db.SimpleDBProviderBackend, org.apache.sentry.provider.file.SimpleFileProviderBackend} |
| Privilege provider to be used, we support file based or db based |
| </description> |
| </property> |
| |
| </configuration> |