Uploaded image for project: 'Apache Storm'
  1. Apache Storm
  2. STORM-1851

Nimbus impersonation authorizer in defaults.yaml causes issues in secure mode

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 1.0.1
    • Fix Version/s: 2.0.0, 1.0.2, 1.1.0
    • Component/s: storm-core
    • Labels:
      None

      Description

      "nimbus.impersonation.authorizer" is set to "ImpersonationAuthorizer" by default and this causes issues when a user tries to submit topology as a different user in secure mode since the "nimbus.impersonation.acl" configuration is not set by default. Users need to set nimbus.impersonation.acl first before they can submit topology as a user other than "storm" in secure mode.

      Removing this config allows users to submit topologies as any user in secure mode by default. Users can set up impersonation by providing both authorizer and the acls in storm.yaml.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                arunmahadevan Arun Mahadevan
                Reporter:
                arunmahadevan Arun Mahadevan
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: