[jira] [Commented] (STORM-1096) UI tries to impersonate wrong user when getting topology conf for authorization, impersonation is allowed by default

Thu, 08 Oct 2015 07:41:10 -0700 

    [ 
https://issues.apache.org/jira/browse/STORM-1096?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14948761#comment-14948761
 ] 

ASF GitHub Bot commented on STORM-1096:
---------------------------------------

Github user d2r commented on the pull request:

    https://github.com/apache/storm/pull/787#issuecomment-146566393
  
    +1


> UI tries to impersonate wrong user when getting topology conf for 
> authorization, impersonation is allowed by default
> --------------------------------------------------------------------------------------------------------------------
>
>                 Key: STORM-1096
>                 URL: https://issues.apache.org/jira/browse/STORM-1096
>             Project: Apache Storm
>          Issue Type: Bug
>          Components: storm-core
>    Affects Versions: 0.10.0
>            Reporter: Robert Joseph Evans
>            Assignee: Robert Joseph Evans
>            Priority: Blocker
>
> We have started using 0.10.0 under load and found a few issues around the UI 
> and impersonation.
> The UI when trying to connect to nimbus will impersonate other users.  
> Nimbus, by default allows impersonation and just outputs a warning message 
> that it is allowed.  We really should default to not allowing impersonation.  
> having the authorizer configured by default does not hurt when running 
> insecure because impersonation is not possible, but when security is enabled 
> if someone forgets to set this config we are now insecure by default.
> If you do set all of that up correctly the UI now can impersonate the wrong 
> user when connecting to nimbus.
> The UI decides which user to impersonate by pulling it from the request 
> context.  The requestContext is populated from the HttpRequest when 
> assert-authorized-user is called.  assert-authorized-user takes a 
> topology-conf as a parameter.  The only way to get this topology conf is to 
> talk to nimbus, which will get the wrong user because the request context has 
> not been populated yet.
> This just because a huge pain for users who way too often will not be able to 
> see pages on the UI.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to