SAS/ACCESS uses the
Hadoop Hive Server to access Hadoop data.
SAS/ACCESS creates a JDBC
connection and passes the user ID and password that you specify to
Hive. Through Hive 0.8, JDBC ignores these credentials, instead associating
Hive permissions with the UNIX user ID that started the Hive Service.
SAS/ACCESS creates new
Hive tables using the Hadoop Distributed File System (HDFS) Streaming
API. The API requires a valid user ID and password. When you create
or append to a table, the user ID and password that you provide in
the LIBNAME statement are passed to this streaming method. The user
ID must be valid on the Hadoop cluster and must have Write access to the
HDFS /tmp and Hive warehouse directories. Therefore, the Hadoop
system administrator should ensure Write access to the HDFS /tmp and
Hive warehouse directories for all user IDs that are permitted to
create or append to Hive tables with
SAS/ACCESS.
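For example, a LIBNAME statement and DATA step similar to the following create a Hive table through the streaming write path. This is a minimal sketch: the server name, port, schema, user ID, password, and table name are placeholders, and the available connection options can vary by release.

   libname hdp hadoop server="hivenode.example.com" port=10000
           schema=default user=myuser password=mypwd;

   /* Creating the table routes the write through the HDFS Streaming API, */
   /* so myuser needs Write access to /tmp and the Hive warehouse.        */
   data hdp.class_copy;
      set sashelp.class;
   run;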
To optimize large data
reads,
SAS/ACCESS can use the HDFS Streaming API instead of JDBC to read Hive result
sets. The same requirements apply: a valid Hadoop user ID and password,
and Write access to the HDFS /tmp directory.
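When those requirements are met, an ordinary read through the libref can take advantage of the streaming read path. The libref and table below are the hypothetical ones from the earlier example.

   /* A large result set read through the libref can use the streaming path. */
   proc sql;
      select count(*) as obs_count
         from hdp.class_copy;
   quit;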
Future Hive releases
will address these JDBC security limitations. Although USER= and PASSWORD=
are not yet fully enabled, specify both options on your LIBNAME
and CONNECT statements now so that your code is ready for those releases.
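For instance, the same placeholder credentials from the earlier LIBNAME example could also be supplied on an explicit pass-through connection. This is a sketch; the connection options shown may differ by release.

   proc sql;
      connect to hadoop (server="hivenode.example.com" port=10000
                         user=myuser password=mypwd);
      select * from connection to hadoop
         (select name, age from class_copy);
      disconnect from hadoop;
   quit;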