[
https://issues.apache.org/jira/browse/HAWQ-1443?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15992459#comment-15992459
]
Xiang Sheng commented on HAWQ-1443:
-----------------------------------
For the lookup access from ranger admin to HAWQ, we could use kerberos to
securitised it. Since HAWQ support kerberos authentication and Ranger admin
lookup using JDBC connection, so we could use kerberos through HAWQ with
kerberos for JDBC. As Hubert wrote above, we have 2 works to do:
1. update the ranger ui through update the ranger-servicedef-hawq.json file.
Add an drop-down box for authentication method choose and an input box for
principal name.
2. update rps lookup logical code. change the jdbc string to the required
string that HAWQ kerberos supports.
> Implement Ranger lookup for HAWQ with Kerberos enabled.
> -------------------------------------------------------
>
> Key: HAWQ-1443
> URL: https://issues.apache.org/jira/browse/HAWQ-1443
> Project: Apache HAWQ
> Issue Type: Sub-task
> Components: Security
> Reporter: Hubert Zhang
> Assignee: Hubert Zhang
> Fix For: backlog
>
> Attachments: Kerberos Support for Ranger Lookup HAWQ.pdf
>
>
> When add a HAWQ service in Ranger, we also need to configure Ranger look up
> service for HAWQ. Lookup service can be done through JDBC with username and
> password. But It cannot support Kerberos authentication currently.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
