You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@drill.apache.org by "Julian Hyde (JIRA)" <ji...@apache.org> on 2016/07/22 19:58:20 UTC

[jira] [Commented] (DRILL-4280) Kerberos Authentication

    [ https://issues.apache.org/jira/browse/DRILL-4280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15390108#comment-15390108 ] 

Julian Hyde commented on DRILL-4280:
------------------------------------

If the main (only?) use case is client-to-drill communication, rather than drill-to-drill communication, and since Avatica already does Kerberos (see CALCITE-1159) it seems to me that a client based on Avatica would be an alternative. This would solve DRILL-4791 as well.

What are the pros and cons of Avatica?

> Kerberos Authentication
> -----------------------
>
>                 Key: DRILL-4280
>                 URL: https://issues.apache.org/jira/browse/DRILL-4280
>             Project: Apache Drill
>          Issue Type: Improvement
>            Reporter: Keys Botzum
>            Assignee: Sudheesh Katkam
>              Labels: security
>
> Drill should support Kerberos based authentication from clients. This means that both the ODBC and JDBC drivers as well as the web/REST interfaces should support inbound Kerberos. For Web this would most likely be SPNEGO while for ODBC and JDBC this will be more generic Kerberos.
> Since Hive and much of Hadoop supports Kerberos there is a potential for a lot of reuse of ideas if not implementation.
> Note that this is related to but not the same as https://issues.apache.org/jira/browse/DRILL-3584 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)