You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues-all@impala.apache.org by "Tamas Mate (Jira)" <ji...@apache.org> on 2022/10/25 11:56:00 UTC

[jira] [Assigned] (IMPALA-11684) Only use LDAP group filter when there is no authorization provider

     [ https://issues.apache.org/jira/browse/IMPALA-11684?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Tamas Mate reassigned IMPALA-11684:
-----------------------------------

    Assignee: Tamas Mate

> Only use LDAP group filter when there is no authorization provider
> ------------------------------------------------------------------
>
>                 Key: IMPALA-11684
>                 URL: https://issues.apache.org/jira/browse/IMPALA-11684
>             Project: IMPALA
>          Issue Type: Improvement
>            Reporter: Tamas Mate
>            Assignee: Tamas Mate
>            Priority: Major
>
> Impala applies the LDAP group filters during authentication which can deny users even from accessing Impala. We should reconsider this decision because authenticating based on groups falls into a grey area with authorization. Users without group privileges could be authenticated successfully and the authorization provider should handle what they can see.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-all-unsubscribe@impala.apache.org
For additional commands, e-mail: issues-all-help@impala.apache.org