dzamo commented on pull request #2332: URL: https://github.com/apache/drill/pull/2332#issuecomment-960890029
> Hi @dzamo , phoenix uses keytab and other stuff within the connection string: https://phoenix.apache.org/#connStr isnt this what we need? > > Or, the other aspect... use code from PQS for the connection to phoenix... they use some sort of proxyUser from org.apache.hadoop.security.UserGroupInformation as well: https://github.com/apache/phoenix-queryserver/blob/master/phoenix-queryserver/src/main/java/org/apache/phoenix/queryserver/server/QueryServer.java#L553 > > Regards, Christian @Z0ltrix Okaaay. I'd forgotten that Phoenix lives on top of Hadoop anyway. So if you've already enabled Hadoop's impersonation using the needed `proxyuser` settings then maybe all that we need here is to tack a `doAs` onto the JDBC URL you already have working (which might already include some Kerberos bits). ``` jdbc:phoenix:thin:url=http://localhost:8765?doAs=alice ``` See https://phoenix.apache.org/server.html#Impersonation. @luocooong this should be reasonably easy, let me know if I can help with anything... -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
