[
https://issues.apache.org/jira/browse/STORM-1851?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15297483#comment-15297483
]
ASF GitHub Bot commented on STORM-1851:
---------------------------------------
Github user hmcl commented on the pull request:
https://github.com/apache/storm/pull/1435#issuecomment-221141811
+1
@arunmahadevan perhaps you can update the docs stating what you say in your
comment as it will bring awareness to the users on what is going on by default,
as well as setup impersonation.
> Nimbus impersonation authorizer in defaults.yaml causes issues in secure mode
> -----------------------------------------------------------------------------
>
> Key: STORM-1851
> URL: https://issues.apache.org/jira/browse/STORM-1851
> Project: Apache Storm
> Issue Type: Bug
> Reporter: Arun Mahadevan
> Assignee: Arun Mahadevan
> Priority: Minor
>
> "nimbus.impersonation.authorizer" is set to "ImpersonationAuthorizer" by
> default and this causes issues when a user tries to submit topology as a
> different user in secure mode since the "nimbus.impersonation.acl"
> configuration is not set by default. Users need to set
> nimbus.impersonation.acl first before they can submit topology as a user
> other than "storm" in secure mode.
> Removing this config allows users to submit topologies as any user in secure
> mode by default. Users can set up impersonation by providing both authorizer
> and the acls in storm.yaml.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
