I'm working on a system where there are many users and the users credentials and information are stored in a third party system. I was thinking the best approach would be to have my default Accumulo user have the superset of all permissions and then when a query is performed, proxy in the specific user credential that may be a subset. But, this seems a bit cumbersome to have to up front define all available credentials, especially if new authorizations are added without our knowledge. Any thoughts on an alternative approach? I'd like to just be able to proxy through credentials and not have to worry about whether my Accumulo-defined user that I'm proxying through already has them. Is there a way to just let that Accumulo-defined user have max credentials and not have to specifically call them out? Thanks.
-- View this message in context: http://apache-accumulo.1065345.n5.nabble.com/Authorizations-for-complex-user-management-tp13294.html Sent from the Users mailing list archive at Nabble.com.
