Is this a feature request or a proposal? If it is the latter, may you please provide a design doc, so the community can look at it?
Otherwise I think one of the main issues with authorization in STS is that all the queries are actually run inside the same spark job and hence with the same user. There are other projects trying to address those limitations. One of them, for instance, is Livy, where a Thrift server has been recently introduced in order to overcome some of STS's limitations. So you might probably want to look at it. Thanks, Marco Il giorno sab 16 feb 2019 alle ore 01:19 t4 <reubensaw...@hotmail.com> ha scritto: > Goal is to provide ability to deny/allow access to given tables on a per > user > basis (this is the user connecting via jdbc to spark thrift server. ie with > LDAP creds). ie user bob can see table A but not table B. user mary can see > table B but not table A. > > What are folks thoughts on the approach? > 1. SqlStdAuth like Hive has already (any reason Spark does not have this > yet?) > 2. Apache Ranger > 3. Cloudera Sentry > 4. json spec file like 'File Based Authorization' section in > > https://github.com/prestodb/presto/blob/master/presto-docs/src/main/sphinx/connector/hive-security.rst > > > > -- > Sent from: http://apache-spark-developers-list.1001551.n3.nabble.com/ > > --------------------------------------------------------------------- > To unsubscribe e-mail: dev-unsubscr...@spark.apache.org > >
