You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues-all@impala.apache.org by "Tamas Mate (Jira)" <ji...@apache.org> on 2022/10/25 11:56:00 UTC
[jira] [Assigned] (IMPALA-11684) Only use LDAP group filter when there is no authorization provider
[ https://issues.apache.org/jira/browse/IMPALA-11684?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tamas Mate reassigned IMPALA-11684:
-----------------------------------
Assignee: Tamas Mate
> Only use LDAP group filter when there is no authorization provider
> ------------------------------------------------------------------
>
> Key: IMPALA-11684
> URL: https://issues.apache.org/jira/browse/IMPALA-11684
> Project: IMPALA
> Issue Type: Improvement
> Reporter: Tamas Mate
> Assignee: Tamas Mate
> Priority: Major
>
> Impala applies the LDAP group filters during authentication which can deny users even from accessing Impala. We should reconsider this decision because authenticating based on groups falls into a grey area with authorization. Users without group privileges could be authenticated successfully and the authorization provider should handle what they can see.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-all-unsubscribe@impala.apache.org
For additional commands, e-mail: issues-all-help@impala.apache.org