[
https://issues.apache.org/jira/browse/SENTRY-1120?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15543762#comment-15543762
]
Li Li commented on SENTRY-1120:
-------------------------------
When kerberos is enabled, only SENTRY_WEB_SECURITY_ALLOW_CONNECT_USERS can
access all pages including this show role / privileges page.
See [SentryAuthFilter for
/*|https://github.com/apache/sentry/blob/master/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryWebServer.java#L125]
and
[SENTRY_WEB_SECURITY_ALLOW_CONNECT_USERS|https://github.com/apache/sentry/blob/master/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryWebServer.java#L144].
Besides, we can also add a sentry config for
SENTRY_WEB_SECURITY_ALLOW_CONNECT_ADMIN_USERS for webpages that are only
accessible for admin users.
> Show role / privileges info in Sentry Service Webpage
> -----------------------------------------------------
>
> Key: SENTRY-1120
> URL: https://issues.apache.org/jira/browse/SENTRY-1120
> Project: Sentry
> Issue Type: Improvement
> Reporter: Li Li
> Assignee: Li Li
> Fix For: 1.8.0
>
> Attachments: SENTRY-1120.0.patch, SENTRY-1120.1.patch,
> SENTRY-1120.2.patch, Screen Shot 2016-04-06 at 9.00.55 PM.png
>
>
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
