You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@drill.apache.org by br...@apache.org on 2017/07/27 02:43:47 UTC
drill git commit: inI
Repository: drill
Updated Branches:
refs/heads/gh-pages ade03031f -> 4251af470
inI
Project: http://git-wip-us.apache.org/repos/asf/drill/repo
Commit: http://git-wip-us.apache.org/repos/asf/drill/commit/4251af47
Tree: http://git-wip-us.apache.org/repos/asf/drill/tree/4251af47
Diff: http://git-wip-us.apache.org/repos/asf/drill/diff/4251af47
Branch: refs/heads/gh-pages
Commit: 4251af47045d6bbdb1e4a9dc356ceb2a541ac093
Parents: ade0303
Author: Bridget Bevens <bb...@maprtech.com>
Authored: Wed Jul 26 19:42:56 2017 -0700
Committer: Bridget Bevens <bb...@maprtech.com>
Committed: Wed Jul 26 19:42:56 2017 -0700
----------------------------------------------------------------------
.../050-configure-inbound-impersonation.md | 23 ++++++++++++--------
1 file changed, 14 insertions(+), 9 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/drill/blob/4251af47/_docs/configure-drill/securing-drill/050-configure-inbound-impersonation.md
----------------------------------------------------------------------
diff --git a/_docs/configure-drill/securing-drill/050-configure-inbound-impersonation.md b/_docs/configure-drill/securing-drill/050-configure-inbound-impersonation.md
index 2161faa..06f8933 100644
--- a/_docs/configure-drill/securing-drill/050-configure-inbound-impersonation.md
+++ b/_docs/configure-drill/securing-drill/050-configure-inbound-impersonation.md
@@ -1,6 +1,6 @@
---
title: "Configuring Inbound Impersonation"
-date: 2017-07-27 02:19:28 UTC
+date: 2017-07-27 02:42:59 UTC
parent: "Securing Drill"
---
@@ -46,17 +46,22 @@ Policy format:
{ proxy_principals : { users : [“...”, “...”], groups : [“...”, “...”] },
target_principals: { users : [“...”, “...”], groups : [“...”, “...”] } }
-3. Ensure that the proxy user (application) passes the username of the impersonation target user to Drill when creating a connection through the `impersonation_target` connection property. The following examples show you how to do this for JDBC and ODBC:
-
-
- * For JDBC, through SQLLine:
+3. Ensure that the proxy user (application) passes the username of the impersonation target user to Drill when creating a connection through the `impersonation_target` connection property.
- bin/sqlline –u “jdbc:drill:schema=dfs;zk=myclusterzk;impersonation_target=euser1” -n puser1 -p ppass1
-In this example, `puser1` is the user submitting the queries. This user is authenticated. Since this user is authorized to impersonate any user, queries through the established connection are run as `euser1`.
+The following examples show you how to do this for JDBC and ODBC:
+
-
+- For JDBC, through SQLLine:
- * For ODBC on Linux or Mac, you can pass the username through the `DelegationUID` property in the odbc.ini file. See [Configuring ODBC on Linux]({{site.baseurl}}/docs/configuring-odbc-on-linux/) for more information.
+ bin/sqlline –u “jdbc:drill:schema=dfs;zk=myclusterzk;impersonation_target=euser1” -n puser1 -p ppass1
+
+In this example, `puser1` is the user submitting the queries. This user is authenticated. Since this user is authorized to impersonate any user, queries through the established connection are run as `euser1`.
+
+
+- For ODBC on Linux or Mac, you can pass the username through the `DelegationUID` property in the odbc.ini file. See [Configuring ODBC on Linux]({{site.baseurl}}/docs/configuring-odbc-on-linux/) for more information.
+
DelegationUID=euser1
+
+
If you are using ODBC on Windows, you can use the **ODBC Data Source Administrator** to provide the username through the `Delegation UID` field in the MapR Drill ODBC Driver DSN Setup dialog box. See [Configuring ODBC on Windows]({{site.baseurl}}/docs/configuring-odbc-on-windows/) for more information.