You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@impala.apache.org by "Tamas Mate (Jira)" <ji...@apache.org> on 2022/10/25 11:56:00 UTC

[jira] [Created] (IMPALA-11684) Only use LDAP group filter when there is no authorization provider

Tamas Mate created IMPALA-11684:
-----------------------------------

             Summary: Only use LDAP group filter when there is no authorization provider
                 Key: IMPALA-11684
                 URL: https://issues.apache.org/jira/browse/IMPALA-11684
             Project: IMPALA
          Issue Type: Improvement
            Reporter: Tamas Mate


Impala applies the LDAP group filters during authentication which can deny users even from accessing Impala. We should reconsider this decision because authenticating based on groups falls into a grey area with authorization. Users without group privileges could be authenticated successfully and the authorization provider should handle what they can see.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)