[
https://issues.apache.org/jira/browse/STORM-446?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14352249#comment-14352249
]
ASF GitHub Bot commented on STORM-446:
--------------------------------------
Github user harshach commented on the pull request:
https://github.com/apache/storm/pull/448#issuecomment-77773604
@Parth-Brahmbhatt Overall code looks good to me. I am trying to run few
tests in secure cluster but during mvn build the following unit test is
failing <testcase name="test-populate-req-context-on-null-user"
classname="backtype.storm.security.auth.DefaultHttpCredentialsPlugin-test">
<failure>expected: (= 0 (-> handler (.populateContext
context req) (.subject) (.getPrincipals) (.size)))
actual: (not (= 0 1))
at: run-test2660255144893935715.clj:85</failure>
</testcase>
Can you please take a look.
> secure Impersonation in storm
> -----------------------------
>
> Key: STORM-446
> URL: https://issues.apache.org/jira/browse/STORM-446
> Project: Apache Storm
> Issue Type: Improvement
> Reporter: Sriharsha Chintalapani
> Assignee: Parth Brahmbhatt
> Labels: Security
>
> Storm security adds features of authenticating with kerberos and than uses
> that principal and TGT as way to authorize user operations, topology
> operation. Currently Storm UI user needs to be part of nimbus.admins to get
> details on user submitted topologies. Ideally storm ui needs to take
> authenticated user principal to submit requests to nimbus which will than
> authorize the user rather than storm UI user. This feature will also benefit
> superusers to impersonate other users to submit topologies in a secured way.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
