You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@superset.apache.org by GitBox <gi...@apache.org> on 2021/09/23 15:31:10 UTC

[GitHub] [superset] sadiqkhoja opened a new issue #16812: Row level security in embedded charts [Guidance needed]

sadiqkhoja opened a new issue #16812:
URL: https://github.com/apache/superset/issues/16812


   Hi,
   
   I need some guidance on how to embed superset charts with row level security. Here is what I am thinking to do:
   
   1- Create an user in superset for my custom application
   2- When an user wants to see any chart, custom app sends its credentials to superset from backend and set the row level security RLS (where clause). A JWT token return to the front end
   3- Front end passes JWT token to iFrame.
   
   So the question is is it possible to set some session details to be used for RLS when logging in from external application?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] amitmiran137 commented on issue #16812: Row level security in embedded charts [Guidance needed]

Posted by GitBox <gi...@apache.org>.

amitmiran137 commented on issue #16812:
URL: https://github.com/apache/superset/issues/16812#issuecomment-926195263


   This is such an interesting topic for me these days . 
   We have a few different solutions for that but lately we are considering a few other options to what would be the ultimate row level security solution .
   I'll update here soon once we'll finish up with the details


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] vedangparasnis edited a comment on issue #16812: Row level security in embedded charts [Guidance needed]

Posted by GitBox <gi...@apache.org>.

vedangparasnis edited a comment on issue #16812:
URL: https://github.com/apache/superset/issues/16812#issuecomment-1005980048


   @sadiqkhoja @amitmiran137  I have a question we are using OAUTH with using keycloak as authorization server. However, when my application (Nextjs)  tries to initiate a new session in superset on its behalf the browser based authorization flow works but the charts required re login (assuming keycloak does not work with xhr when token exchange is done) and yes we are also passing id which we want the role level security applied on it. (We dont send any token in iframe url) assuming global session is inititated.  Is there any approach for this usecase .


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] vedangparasnis edited a comment on issue #16812: Row level security in embedded charts [Guidance needed]

Posted by GitBox <gi...@apache.org>.

vedangparasnis edited a comment on issue #16812:
URL: https://github.com/apache/superset/issues/16812#issuecomment-1005980048


   @sadiqkhoja @amitmiran137  I have a question we are using OAUTH with using keycloak as authorization server. However, when my application (Nextjs)  tries to initiate a new session in superset on its behalf the browser based authorization flow works but the charts required re login (assuming keycloak does not work with xhr when token exchange is done) and yes we are also passing id which we want the role level security applied on it. (We dont send any token in iframe url) assuming global session is inititated. 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] junlincc commented on issue #16812: Row level security in embedded charts [Guidance needed]

Posted by GitBox <gi...@apache.org>.

junlincc commented on issue #16812:
URL: https://github.com/apache/superset/issues/16812#issuecomment-926111986


   @amitmiran137 Hey fellow PMC, If you happen to know, please help. 🙏


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] vedangparasnis commented on issue #16812: Row level security in embedded charts [Guidance needed]

Posted by GitBox <gi...@apache.org>.

vedangparasnis commented on issue #16812:
URL: https://github.com/apache/superset/issues/16812#issuecomment-1005980048


   @sadiqkhoja @amitmiran137  I have a question we are using OAUTH with flask using keycloak as authorization server. However, when my application tries to initiate a new session in superset on its behalf the browser based authorization flow works but the charts required re login (assuming keycloak does not work with xhr when token exchange is done) and yes we are also passing id which we want the role level security applied on it. (We dont send any token in iframe url) assuming global session is inititated. 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org