[
https://issues.apache.org/jira/browse/HAWQ-256?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15867342#comment-15867342
]
Lili Ma commented on HAWQ-256:
------------------------------
[~kdunn926] I re-looked at your input.
1) Why do they want to use Ranger? What are the scenario and use cases?
Ranger provides the missing (and very important) functionality for
synchronizing roles and groups from a identity management provider (like LDAP)
into HAWQ. Without this capability, roles must be provisioned manually or
something like pg-ldap-sync must be used, neither are very enterprise-friendly
or "baked" solutions.
Actually, I don't think Ranger provides the functionality to sync role/group
information into HAWQ. It just sync those information to itself. We may still
need to manage the role information in HAWQ to allow them to login. Or, a
thorough solution is that HAWQ does not store any user information, but we may
not do it now given there are some objects not managed by Ranger. Thoughts?
> Integrate Security with Apache Ranger
> -------------------------------------
>
> Key: HAWQ-256
> URL: https://issues.apache.org/jira/browse/HAWQ-256
> Project: Apache HAWQ
> Issue Type: New Feature
> Components: Security
> Reporter: Michael Andre Pearce (IG)
> Assignee: Lili Ma
> Fix For: backlog
>
> Attachments: HAWQRangerSupportDesign.pdf,
> HAWQRangerSupportDesign_v0.2.pdf, HAWQRangerSupportDesign_v0.3.pdf
>
>
> Integrate security with Apache Ranger for a unified Hadoop security solution.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
