[
https://issues.apache.org/jira/browse/STORM-446?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14339543#comment-14339543
]
ASF GitHub Bot commented on STORM-446:
--------------------------------------
GitHub user Parth-Brahmbhatt opened a pull request:
https://github.com/apache/storm/pull/448
STORM-446: Allow superusers to impersonate other users in secure mode.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/Parth-Brahmbhatt/incubator-storm STORM-446
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/storm/pull/448.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #448
----
commit 086e9e588e46922198d56faafbc9d25f4a543f47
Author: Parth Brahmbhatt <[email protected]>
Date: 2015-02-27T01:26:09Z
STORM-446: Allow superusers to impersonate other users in secure mode.
commit 32df28743781767059fc0360c2ef9d166a7af6fb
Author: Parth Brahmbhatt <[email protected]>
Date: 2015-02-27T01:27:02Z
Merge remote-tracking branch 'upstream/master' into STORM-446
----
> secure Impersonation in storm
> -----------------------------
>
> Key: STORM-446
> URL: https://issues.apache.org/jira/browse/STORM-446
> Project: Apache Storm
> Issue Type: Improvement
> Reporter: Sriharsha Chintalapani
> Assignee: Parth Brahmbhatt
> Labels: Security
>
> Storm security adds features of authenticating with kerberos and than uses
> that principal and TGT as way to authorize user operations, topology
> operation. Currently Storm UI user needs to be part of nimbus.admins to get
> details on user submitted topologies. Ideally storm ui needs to take
> authenticated user principal to submit requests to nimbus which will than
> authorize the user rather than storm UI user. This feature will also benefit
> superusers to impersonate other users to submit topologies in a secured way.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
