You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2022/08/15 09:28:00 UTC

[jira] [Commented] (KNOX-2783) User can be mapped to an empty virtual group

    [ https://issues.apache.org/jira/browse/KNOX-2783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17579609#comment-17579609 ] 

ASF subversion and git services commented on KNOX-2783:
-------------------------------------------------------

Commit 255ca75236a415e72ff506546135a660708bf6a3 in knox's branch refs/heads/master from Attila Magyar
[ https://gitbox.apache.org/repos/asf?p=knox.git;h=255ca7523 ]

KNOX-2783 - User can be mapped to an empty virtual group (#611)



> User can be mapped to an empty virtual group
> --------------------------------------------
>
>                 Key: KNOX-2783
>                 URL: https://issues.apache.org/jira/browse/KNOX-2783
>             Project: Apache Knox
>          Issue Type: Improvement
>            Reporter: Attila Magyar
>            Assignee: Attila Magyar
>            Priority: Minor
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> If there is no group name after the dot, the user is getting mapped to an "" group.
> {code}
> <provider>
>          <role>identity-assertion</role>
>          <name>HadoopGroupProvider</name>
>          <enabled>true</enabled>
>          <param>
>             <name>hadoop.security.group.mapping</name>
>             <value>org.apache.hadoop.security.ShellBasedUnixGroupsMapping</value>
>         </param>
>         <param>
>             <name>group.mapping.</name>
>             <value>true</value>
>         </param>
>       </provider>
> {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)