You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@drill.apache.org by br...@apache.org on 2017/07/27 02:11:09 UTC
drill git commit: update inbound impersonation to include odbc
instruction
Repository: drill
Updated Branches:
refs/heads/gh-pages 69572e351 -> 63498c1a2
update inbound impersonation to include odbc instruction
Project: http://git-wip-us.apache.org/repos/asf/drill/repo
Commit: http://git-wip-us.apache.org/repos/asf/drill/commit/63498c1a
Tree: http://git-wip-us.apache.org/repos/asf/drill/tree/63498c1a
Diff: http://git-wip-us.apache.org/repos/asf/drill/diff/63498c1a
Branch: refs/heads/gh-pages
Commit: 63498c1a2cdbbbff903f3d2e785d9ae6cdc64712
Parents: 69572e3
Author: Bridget Bevens <bb...@maprtech.com>
Authored: Wed Jul 26 19:10:06 2017 -0700
Committer: Bridget Bevens <bb...@maprtech.com>
Committed: Wed Jul 26 19:10:06 2017 -0700
----------------------------------------------------------------------
.../050-configure-inbound-impersonation.md | 17 +++++++++++++----
1 file changed, 13 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/drill/blob/63498c1a/_docs/configure-drill/securing-drill/050-configure-inbound-impersonation.md
----------------------------------------------------------------------
diff --git a/_docs/configure-drill/securing-drill/050-configure-inbound-impersonation.md b/_docs/configure-drill/securing-drill/050-configure-inbound-impersonation.md
index 244c085..28d699c 100644
--- a/_docs/configure-drill/securing-drill/050-configure-inbound-impersonation.md
+++ b/_docs/configure-drill/securing-drill/050-configure-inbound-impersonation.md
@@ -1,6 +1,6 @@
---
title: "Configuring Inbound Impersonation"
-date: 2016-03-16 19:05:49 UTC
+date: 2017-07-27 02:10:07 UTC
parent: "Securing Drill"
---
@@ -46,8 +46,17 @@ Policy format:
{ proxy_principals : { users : [“...”, “...”], groups : [“...”, “...”] },
target_principals: { users : [“...”, “...”], groups : [“...”, “...”] } }
-3. Ensure that the proxy user (application) passes the username of the impersonation target user to Drill when creating a connection through the `impersonation_target` connection property. For example, through sqlline:
+3. Ensure that the proxy user (application) passes the username of the impersonation target user to Drill when creating a connection through the `impersonation_target` connection property. The following examples show you how to do this for JDBC and ODBC:
+
+
+ * For JDBC, through SQLLine:
- bin/sqlline –u “jdbc:drill:schema=dfs;zk=myclusterzk;impersonation_target=euser1” -n puser1 -p ppass1
+ bin/sqlline –u “jdbc:drill:schema=dfs;zk=myclusterzk;impersonation_target=euser1” -n puser1 -p ppass1
-In this example, `puser1` is the user submitting the queries. This user is authenticated. Since this user is authorized to impersonate any user, queries through the established connection are run as `euser1`.
+ In this example, `puser1` is the user submitting the queries. This user is authenticated. Since this user is authorized to impersonate any user, queries through the established connection are run as `euser1`.
+
+ * For ODBC on Linux or Mac, you can pass the username through the `DelegationUID` property in the odbc.ini file. See [Configuring ODBC on Linux]({{site.baseurl}}/docs/configuring-odbc-on-linux/) for more information.
+
+ DelegationUID=euser1
+
+ If you are using ODBC on Windows, you can use the **ODBC Data Source Administrator** to provide the username through the `Delegation UID` field in the MapR Drill ODBC Driver DSN Setup dialog box. See [Configuring ODBC on Windows]({{site.baseurl}}/docs/configuring-odbc-on-windows/) for more information.