[
https://issues.apache.org/jira/browse/DRILL-4281?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15181352#comment-15181352
]
ASF GitHub Bot commented on DRILL-4281:
---------------------------------------
Github user sudheeshkatkam commented on the pull request:
https://github.com/apache/drill/pull/400#issuecomment-192535617
I apologize that my terminology is confusing everyone.
I've updated the [design
document](https://docs.google.com/document/d/1g0KgugVdRbbIxxZrSCtO1PEHlvwczTLDb38k-npvwjA)
and the PR to include terms that (hopefully) users and developers can
understand.
(1) User delegation itself is not a suitable name for this feature, since
this feature is extending the current impersonation model. So when _user
impersonation_ is enabled, this _inbound_ or _client_ impersonation feature is
also enabled.
(2) I am going to use a variant of Jacques' suggestion for _inbound_
impersonation policies. I think `proxy_principals` and `target_principals` are
apt. For example, an admin would setup policies by using:
```
ALTER SYSTEM SET `exec.impersonation.inbound_policies` = '[
{ proxy_principals : { users : [ "user0_1"] },
target_principals : { users : ["*"] } },
{ proxy_principals : { groups : ["group5_1"] },
target_principals : { groups : ["group4_2"] } }
]';
```
Overall, when impersonation is enabled, both _inbound_ impersonation and
_outbound_ impersonation are allowed.
+ _Inbound_ or _client_ impersonation: an authorized user can impersonate a
target user, and the session user is set accordingly.
+ _Outbound_ or _storage plugin_ impersonation: Drill itself impersonates
as the session user when interacting with storage plugins.
> Drill should support inbound impersonation
> ------------------------------------------
>
> Key: DRILL-4281
> URL: https://issues.apache.org/jira/browse/DRILL-4281
> Project: Apache Drill
> Issue Type: Improvement
> Reporter: Keys Botzum
> Assignee: Sudheesh Katkam
> Labels: doc-impacting, security
>
> Today Drill supports impersonation *to* external sources. For example I can
> authenticate to Drill as myself and then Drill will access HDFS using
> impersonation
> In many scenarios we also need impersonation to Drill. For example I might
> use some front end tool (such as Tableau) and authenticate to it as myself.
> That tool (server version) then needs to access Drill to perform queries and
> I want those queries to run as myself, not as the Tableau user. While in
> theory the intermediate tool could store the userid & password for every user
> to the Drill this isn't a scalable or very secure solution.
> Note that HS2 today does support inbound impersonation as described here:
> https://issues.apache.org/jira/browse/HIVE-5155
> The above is not the best approach as it is tied to the connection object
> which is very coarse grained and potentially expensive. It would be better if
> there was a call on the ODBC/JDBC driver to switch the identity on a existing
> connection. Most modern SQL databases (Oracle, DB2) support such function.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
