Josh,
Thanks for the info. Both of those seem like potentially good options.
For what it's worth, I did a really simple demo before asking this. It
involved setting up a simple table with labels and just using Phoenix as a
read-only view. Worked like a charm. The unprivileged user was redacted
Hey Mike,
You can definitely authenticate yourself as with the Kerberos
credentials of your choice. There are generally two ways in you can do this:
1. Login using UserGroupInformation APIs and then make JDBC calls with
the Phoenix JDBC driver (thick or thin)
2. Use the principal+keytab JDBC
We have a particular use case where we'd like to be able to effectively do
a SELECT on a table and say either "execute as this user" or "execute with
this list of HBase visibility tokens."
This looks somewhat promising for the former: