Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
None
-
None
-
None
Description
Recently Zeppelin added LDAP authentication feature. However that feature is a first step in the security store. Ultimately the use case is that the resource (e.g HDFS files) accessed through Zeppelin can be secured with a policy that governs which user can access this resource.
This will need Zeppelin to send down proxy user information.
See https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-common/Superusers.html
The use case here is the next step beyond LDAP authentication, such that the end user identity flows downstream such that Data Scientist A and Data Scientist B are able to work on their own datasets by default and must not see each others data, unless HDFS/Hive permissions allows this access.
Attachments
Issue Links
- Blocked
-
ZEPPELIN-773 Multi-tenancy in Zeppelin
- Resolved