Cloudera Sentry is an authorization mechanism in hadoop. Normally many peoples are confused between authorization and authentication.
So what is the difference between authentication and authorization???
Authentication verifies “who you are“. authentication is the mechanisms where systems may identified their users.
Authorization means “what you are authorized to do“. In other words authorization is the mechanisms by which a system determines what level of access a particular(authenticated) user should have to resource controlled by the system.
Authorization is happening after a successful authentication.
Cloudera sentry is a cloudera based product which used for authorization mechanisms in hadoop.Now sentry is a fine grained authorization for hive-server2 and impala.
Features of Sentry :
1.) Secure Authorization – Using cloudera sentry, we can control access to data and provide privileges on data for authenticated users.
2.)Fine-grained authorization – Using cloudera sentry, we can provide access/restrictions on databases, tables and views.we can provide permissions in particular rows/columns in a particular table
3.) Role based authorization – Authorization based on functional roles.which means a normal user can access a limited number of files.but a super user or admin user can access to many files or databases.