Doris版本:2.1.7
用户没有hive catalog权限,但是可以访问hive catalog下的库表,这是权限没控制住吧
查看用户权限
hive catalog创建语句如下
CREATE CATALOG hive PROPERTIES (
"yarn.resourcemanager.principal" = "rm/_HOST@HUAN.TV",
"uri" = "thrift://ali-odp-master-01.huan.tv:9083,thrift://ali-odp-master-02.huan.tv:9083",
"type" = "hms",
"oss.secret_key" = "",
"oss.endpoint" = "",
"oss.access_key" = "",
"metadata_refresh_interval_sec" = "3600",
"hive.version" = "3.1.3",
"hive.metastore.uris" = "thrift://ali-odp-master-01.huan.tv:9083,thrift://ali-odp-master-02.huan.tv:9083",
"hive.metastore.sasl.enabled" = "true",
"hive.metastore.kerberos.principal" = "hive/_HOST@HUAN.TV",
"hadoop.security.authentication" = "kerberos",
"hadoop.kerberos.principal" = "hive@HUAN.TV",
"hadoop.kerberos.keytab" = "/root/hive.keytab",
"dfs.nameservices" = "ha-nn",
"dfs.namenode.rpc-address.ha-nn.nn2" = "ali-odp-master-02.huan.tv:8020",
"dfs.namenode.rpc-address.ha-nn.nn1" = "ali-odp-master-01.huan.tv:8020",
"dfs.ha.namenodes.ha-nn" = "nn1,nn2",
"dfs.client.failover.proxy.provider.ha-nn" = "org.apache.hadoop.hdfs.server.namenode.ha.ConfiguredFailoverProxyProvider",
"access_controller.properties.ranger.service.name" = "hive",
"access_controller.class" = "org.apache.doris.catalog.authorizer.ranger.hive.RangerHiveAccessControllerFactory"
);
