Abhishek Kumar created RANGER-4955:
--------------------------------------
Summary: Add support to retrieve group information from JWT
Key: RANGER-4955
URL: https://issues.apache.org/jira/browse/RANGER-4955
Project: Ranger
Issue Type: Improvement
Components: Ranger
Reporter: Abhishek Kumar
Assignee: Abhishek Kumar
ClaimSets are natively supported in JWT, use this to gather group information
if present, this is agnostic of the token provider used to retrieve the JWT.
for eg: Knox currently provides an option to embed group information when
queried with:
https://<knox-host>:8443/gateway/homepage/knoxtoken/api/v1/token?knox.token.include.groups=true
This would help facilitate checks on groups for the remote user when using JWT
auth (for ex: service admin check). It avoids the need to do a UGI lookup for
the group based on the remote user.
Enable this via a configurable param in ranger-admin-site.xml
CC: [~spolavarapu]
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
