impala

jprdonnelly/impala

Fork 0

mirror of https://github.com/apache/impala.git synced 2026-01-05 21:00:54 -05:00

Commit Graph

Author	SHA1	Message	Date
Lenni Kuff	6282d364a8	IMP-1134: DoAsUser and impersonator are reversed in audit logs The audit logs currently have the "impersonator" field set to what we call the doAsUser and the "user" field set as the connected user. They should be reversed. Added basic tests to validate the correct event gets audited. Change-Id: Idfa0aaa6c88debedc4993bd0489dbd3f696fcf17 Reviewed-on: http://gerrit.ent.cloudera.com:8080/958 Reviewed-by: Lenni Kuff <lskuff@cloudera.com> Tested-by: jenkins	2014-01-08 10:54:03 -08:00
Lenni Kuff	af6d381401	IMPALA-565: Support user impersonation for HS2 authorization requests This change adds support for user impersonation for HS2 authorization requests. It adds a new flag (--authorized_proxy_user_config) that if set, allows users (ex. hue) to impersonate as another user. The user they wish to impersonate as is passed using the HS2 configuration property, 'impala.doas.user'. The configuration allows for specifying the list of users a proxy user can impersonate as well, or '' to allow the proxy user to impersonate any user. For example: hue=user1,user2,admin= Change-Id: I2a13e31e5bde2e6df47134458c803168415d0437 Reviewed-on: http://gerrit.ent.cloudera.com:8080/574 Reviewed-by: Lenni Kuff <lskuff@cloudera.com> Tested-by: Lenni Kuff <lskuff@cloudera.com>	2014-01-08 10:53:39 -08:00

Author

SHA1

Message

Date

Lenni Kuff

6282d364a8

IMP-1134: DoAsUser and impersonator are reversed in audit logs

The audit logs currently have the "impersonator" field set to what we call the doAsUser
and the "user" field set as the connected user. They should be reversed.

Added basic tests to validate the correct event gets audited.

Change-Id: Idfa0aaa6c88debedc4993bd0489dbd3f696fcf17
Reviewed-on: http://gerrit.ent.cloudera.com:8080/958
Reviewed-by: Lenni Kuff <lskuff@cloudera.com>
Tested-by: jenkins

2014-01-08 10:54:03 -08:00

Lenni Kuff

af6d381401

IMPALA-565: Support user impersonation for HS2 authorization requests

This change adds support for user impersonation for HS2 authorization
requests. It adds a new flag (--authorized_proxy_user_config) that if
set, allows users (ex. hue) to impersonate as another user. The user they
wish to impersonate as is passed using the HS2 configuration property,
'impala.doas.user'.
The configuration allows for specifying the list of users a proxy user
can impersonate as well, or '*' to allow the proxy user to impersonate
any user. For example: hue=user1,user2,admin=*

Change-Id: I2a13e31e5bde2e6df47134458c803168415d0437
Reviewed-on: http://gerrit.ent.cloudera.com:8080/574
Reviewed-by: Lenni Kuff <lskuff@cloudera.com>
Tested-by: Lenni Kuff <lskuff@cloudera.com>

2014-01-08 10:53:39 -08:00

2 Commits