Uploaded image for project: 'Apache Storm'
  1. Apache Storm
  2. STORM-446

secure Impersonation in storm

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 0.10.0
    • storm-core

    Description

      Storm security adds features of authenticating with kerberos and than uses that principal and TGT as way to authorize user operations, topology operation. Currently Storm UI user needs to be part of nimbus.admins to get details on user submitted topologies. Ideally storm ui needs to take authenticated user principal to submit requests to nimbus which will than authorize the user rather than storm UI user. This feature will also benefit superusers to impersonate other users to submit topologies in a secured way.

      Attachments

        There are no Sub-Tasks for this issue.

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            parth.brahmbhatt Parth Brahmbhatt
            sriharsha Harsha
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment