[
https://issues.apache.org/jira/browse/STORM-410?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14216268#comment-14216268
]
Robert Joseph Evans commented on STORM-410:
-------------------------------------------
Yes, I forgot about that we had switched authorization for the UI over to use
the Authorizer. The log viewer still needs to be updated though, and we need
to deprecate or remove UI_USERS from Config.java (as it is no longer
supported).
[~speaktoraghav] if you don't mind I have some code to do the log viewer
changes already, and I will throw up a pull request for that, and to remove the
unneeded USERS config.
> (Security) add groups support to UI and logviewer
> -------------------------------------------------
>
> Key: STORM-410
> URL: https://issues.apache.org/jira/browse/STORM-410
> Project: Apache Storm
> Issue Type: Improvement
> Affects Versions: 0.10.0
> Reporter: Robert Joseph Evans
> Assignee: Raghavendra Nandagopal
> Labels: security
>
> Once STORM-347 goes in we should look at allowing topologies to grant access
> to the UI and logs by group, not just by user. This should probably involve
> adding in new configs for ui and logs groups. Updating the code that does
> checks to also check if the user is a part of these groups, and updating the
> logviewer metadata file to include the groups allowed.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
