Knox user groups

[Loïc Chanel <lo...@telecomnancy.net>]

Hi all,

As I am deploying Knox on my cluster, I had a few questions about user
identification.
Actually, I can't uderstand how groups are used, because eventhough the
group used by Identity assertion is actually the user name, we have to add
the user to a Unix group, or Knox will raise an error saying it "is not
allowed to impersonate" the user.

Basically, I wonder why I've got such an exception when my user does belong
to Unix groups, and why its groups cannot be used when asserting its
identity to enforce Ranger group policies for example.

Thanks in advance for your help,
Regards,


Loïc

Loïc CHANEL
Engineering student at TELECOM Nancy
Trainee at Worldline - Villeurbanne