[ 
https://issues.apache.org/jira/browse/STORM-446?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14340377#comment-14340377
 ] 

ASF GitHub Bot commented on STORM-446:
--------------------------------------

Github user revans2 commented on a diff in the pull request:

    https://github.com/apache/storm/pull/448#discussion_r25521108
  
    --- Diff: 
storm-core/src/jvm/backtype/storm/security/auth/authorizer/SimpleACLAuthorizer.java
 ---
    @@ -50,6 +50,7 @@
         protected Set<String> _supervisors;
         protected IPrincipalToLocal _ptol;
         protected IGroupMappingServiceProvider _groupMappingProvider;
    +    protected ImpersonationAuthorizer _impersonationAuthorizer;
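Review bot: The added `_impersonationAuthorizer` field has no comment, and nothing visible in this hunk shows where it is assigned, so a reader cannot tell whether the authorization path can ever see it as null. Since it gates impersonation, consider initializing it alongside the other fields declared here, denying the request when it is unset, and adding a one-line comment on its role. `protected` matches the neighbouring fields, but `private` would keep subclasses from swapping the check out.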
    --- End diff --
    
    I don't really like the idea of having all authorizers have to be updated
    to support the impersonation code. I would much rather have the code spliced
    in at a much higher level that cannot be turned off. Otherwise a custom
    IAuthorizer instance that does not know to update after this change is now wide
    open for anyone to impersonate anyone else. The logging changes should also
    probably happen at the same level.


> secure Impersonation in storm
> -----------------------------
>
>                 Key: STORM-446
>                 URL: https://issues.apache.org/jira/browse/STORM-446
>             Project: Apache Storm
>          Issue Type: Improvement
>            Reporter: Sriharsha Chintalapani
>            Assignee: Parth Brahmbhatt
>              Labels: Security
>
> Storm security adds features of authenticating with Kerberos and then uses 
> that principal and TGT as a way to authorize user operations, topology 
> operation. Currently Storm UI user needs to be part of nimbus.admins to get 
> details on user submitted topologies. Ideally storm ui needs to take 
> authenticated user principal to submit requests to nimbus which will then 
> authorize the user rather than storm UI user. This feature will also benefit 
> superusers to impersonate other users to submit topologies in a secured way.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
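
The design point in the review comment above, sketched as an added example (not code from the pull request or from Storm): the impersonation check sits in a wrapper in front of whatever authorizer is plugged in, so an authorizer that knows nothing about impersonation still cannot be used to act as another user. `Authorizer`, `Request`, `ImpersonationGate` and the principals are hypothetical names and constructed values, not Storm's API.

```java
import java.util.Map;
import java.util.Set;

// Hypothetical stand-ins for illustration; these are not Storm's interfaces.
interface Authorizer {
    boolean permit(Request req);
}

record Request(String realPrincipal, String actingAs, String operation) {
    boolean isImpersonation() {
        return actingAs != null && !actingAs.equals(realPrincipal);
    }
}

/** Runs the impersonation check before any pluggable authorizer; the plug-in cannot skip it. */
final class ImpersonationGate implements Authorizer {
    private final Map<String, Set<String>> allowedTargets; // real principal -> users it may act as
    private final Authorizer delegate;                      // any custom authorizer, unchanged

    ImpersonationGate(Map<String, Set<String>> allowedTargets, Authorizer delegate) {
        this.allowedTargets = Map.copyOf(allowedTargets);
        this.delegate = delegate;
    }

    @Override
    public boolean permit(Request req) {
        if (req.isImpersonation()) {
            Set<String> targets = allowedTargets.getOrDefault(req.realPrincipal(), Set.of());
            boolean ok = targets.contains(req.actingAs());
            // Audit logging lives here too, so every authorizer gets the same trail.
            System.out.printf("impersonation real=%s as=%s op=%s allowed=%b%n",
                    req.realPrincipal(), req.actingAs(), req.operation(), ok);
            if (!ok) {
                return false; // fail closed; the delegate is never consulted
            }
        }
        return delegate.permit(req);
    }
}

public class Demo {
    public static void main(String[] args) {
        // Constructed case: a custom authorizer written before impersonation existed.
        Authorizer legacy = req -> true;
        Authorizer gate = new ImpersonationGate(Map.of("ui-service", Set.of("alice")), legacy);
        System.out.println(gate.permit(new Request("ui-service", "alice", "getTopologyInfo")));
        System.out.println(gate.permit(new Request("mallory", "alice", "killTopology")));
        System.out.println(gate.permit(new Request("bob", "bob", "submitTopology")));
    }
}
```

Only the second request is denied: the permissive legacy authorizer would have allowed it, but the gate rejects the unlisted impersonation before delegating.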
