Uploaded image for project: 'Zeppelin'
  1. Zeppelin
  2. ZEPPELIN-1337 Umbrella for multiple user support for zeppelin
  3. ZEPPELIN-1340

Impersonation for interpreter

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • None
    • None
    • None

    Description

      In the kerberized environment, all the interpreter use the same keytab/principal, this is pretty dangerous. E.g. User A can use shell interpreter which run as user B to delete all the files owned by user B.

      Although some interpreter has implement its kerbosed usage, I just feel we might need to make a general impersonation framework for all the interpreter (If not possible for all interpreter, but at least this framework should cover most of the interpreter).

      Attachments

        Issue Links

          is related to

          Sub-task - The sub-task of the issue ZEPPELIN-1320 Run zeppelin interpreter process as web front end user

          • Major - Major loss of function.
          • Resolved

          New Feature - A new feature of the product, which has yet to be developed. ZEPPELIN-1730 impersonate spark interpreter using --proxy-user

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              zjffdu Jeff Zhang
              Votes:
              2 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated: