You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues-all@impala.apache.org by "Thomas Tauber-Marshall (JIRA)" <ji...@apache.org> on 2019/08/02 19:18:00 UTC
[jira] [Created] (IMPALA-8828) Support impersonation via http paths
Thomas Tauber-Marshall created IMPALA-8828:
----------------------------------------------
Summary: Support impersonation via http paths
Key: IMPALA-8828
URL: https://issues.apache.org/jira/browse/IMPALA-8828
Project: IMPALA
Issue Type: Improvement
Components: Clients
Affects Versions: Impala 3.3.0
Reporter: Thomas Tauber-Marshall
Assignee: Thomas Tauber-Marshall
When clients connect over http, we should allow them to perform impersonation via the 'doAs' parameter, eg. by specifying a path of the form '/?doAs=<username>'
This is useful for example for Apache Knox, which proxies connections to Impala and authenticates as itself via Kerberos but runs queries as other users.
We can leverage the existing support for impersonation, eg. knox would have to be included in 'authorized_proxy_user_config' to be able to do the impersonation
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-all-unsubscribe@impala.apache.org
For additional commands, e-mail: issues-all-help@impala.apache.org