[ https://issues.apache.org/jira/browse/SENTRY-1120?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15543762#comment-15543762 ]
Li Li commented on SENTRY-1120: ------------------------------- When kerberos is enabled, only SENTRY_WEB_SECURITY_ALLOW_CONNECT_USERS can access all pages including this show role / privileges page. See [SentryAuthFilter for /*|https://github.com/apache/sentry/blob/master/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryWebServer.java#L125] and [SENTRY_WEB_SECURITY_ALLOW_CONNECT_USERS|https://github.com/apache/sentry/blob/master/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryWebServer.java#L144]. Besides, we can also add a sentry config for SENTRY_WEB_SECURITY_ALLOW_CONNECT_ADMIN_USERS for webpages that are only accessible for admin users. > Show role / privileges info in Sentry Service Webpage > ----------------------------------------------------- > > Key: SENTRY-1120 > URL: https://issues.apache.org/jira/browse/SENTRY-1120 > Project: Sentry > Issue Type: Improvement > Reporter: Li Li > Assignee: Li Li > Fix For: 1.8.0 > > Attachments: SENTRY-1120.0.patch, SENTRY-1120.1.patch, > SENTRY-1120.2.patch, Screen Shot 2016-04-06 at 9.00.55 PM.png > > -- This message was sent by Atlassian JIRA (v6.3.4#6332)