conf/sentry-site.xml.hive-client.template

<?xml version="1.0"?>
<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
<!--
   Licensed to the Apache Software Foundation (ASF) under one or more
   contributor license agreements.  See the NOTICE file distributed with
   this work for additional information regarding copyright ownership.
   The ASF licenses this file to You under the Apache License, Version 2.0
   (the "License"); you may not use this file except in compliance with
   the License.  You may obtain a copy of the License at

       http://www.apache.org/licenses/LICENSE-2.0

   Unless required by applicable law or agreed to in writing, software
   distributed under the License is distributed on an "AS IS" BASIS,
   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   See the License for the specific language governing permissions and
   limitations under the License.
-->

<!-- WARNING!!! This file is provided for documentation purposes ONLY!              -->
<!-- WARNING!!! You should copy to sentry-site.xml and make modification instead.   -->


<configuration>

  <property>
    <name>sentry.service.security.mode</name>
    <value>kerberos</value>
    <description>Options: kerberos, none.  Authentication mode for Sentry service. Currently supports Kerberos and trusted mode </description>
  </property>
 
  <property>
    <name>sentry.service.server.principal</name>
    <value> </value>
    <description>Service Kerberos principal</description>
  </property>


  <property>
    <name>sentry.service.client.server.rpc-addresses</name>
    <value> </value>
    <description> TCP address of the sentry store server</description>
  </property>

  <property>
    <name>sentry.service.client.server.rpc-port</name>
    <value> </value>
    <description>Port # of the sentry store server</description>
  </property>

  <property>
    <name>sentry.service.client.server.rpc-connection-timeout</name>
    <value>200000</value>
    <description>Client timeout default(200000) RPC connection timeout in milisecs</description>
  </property>

  <property>
    <name>sentry.metastore.service.users</name>
    <value> </value>
    <description>
      Comma separated list of users
      List of service users (eg hive, impala) to bypass
      the Sentry metastore authorization. These
      services handle the metadata authorization
      on their side.
    </description>
  </property>

<!--
    Some common client properties same as file
    based provider
-->

  <property>
    <name>sentry.hive.provider</name>
    <value>org.apache.sentry.provider.file.HadoopGroupResourceAuthorizationProvider</value>
    <description> Deprecated name: hive.sentry.provider.  Group mapping which should be used at client side</description>
  </property>

  <property>
    <name>sentry.hive.server</name>
    <value>HS2</value>
    <description> Deprecated name: hive.sentry.server.  Defaut: HS2.  Hive Server2 Server identifier like "server1"</description>
  </property>

  <property>
    <name>sentry.hive.failure.hooks</name>
    <value> </value>
    <description>Deprecated Name:  hive.sentry.failure.hooks</description>
  </property>

  <property>
    <name>sentry.hive.provider.backend</name>
    <value>org.apache.sentry.provider.file.SimpleFileProviderBackend</value>
    <description> Options: {org.apache.sentry.provider.db.SimpleDBProviderBackend, org.apache.sentry.provider.file.SimpleFileProviderBackend}
      Privilege provider to be used, we support file based or db based
    </description>
  </property>

</configuration>