phoenix-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alex Araujo (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (PHOENIX-4749) Support impersonation without SPNEGO authn via PQS with Kerberized HBase
Date Fri, 25 May 2018 17:19:00 GMT

    [ https://issues.apache.org/jira/browse/PHOENIX-4749?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16491035#comment-16491035
] 

Alex Araujo commented on PHOENIX-4749:
--------------------------------------

> how are you going to determine what the username is for impersonation by PQS if not
using SPNEGO?

We will use short-lived TLS certificates with the principal name embedded in the certs.

 

Made the changes you requested [~elserj]. It would be great if this can make the 4.14 RC (cc
[~jamestaylor]).

> Support impersonation without SPNEGO authn via PQS with Kerberized HBase
> ------------------------------------------------------------------------
>
>                 Key: PHOENIX-4749
>                 URL: https://issues.apache.org/jira/browse/PHOENIX-4749
>             Project: Phoenix
>          Issue Type: Improvement
>            Reporter: Alex Araujo
>            Assignee: Alex Araujo
>            Priority: Major
>             Fix For: 4.14.0, 5.0.0
>
>         Attachments: PHOENIX-4749.patch, PHOENIX-4749.v2.patch
>
>
> Phoenix Query Server only supports SPNEGO auth (Kerberos) with impersonation.
> Allow other authentication methods to be used with impersonation.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message