[
https://issues.apache.org/jira/browse/HAWQ-256?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15381729#comment-15381729
]
Don Bosco Durai commented on HAWQ-256:
--------------------------------------
[~hubertzhang], thanks. The JDBC call should suffice for lookup.
Ranger only supports one set of users and it is generally what is supported by
Hadoop. The source is either AD/LDAP or linux users. In the case of Hive, if
Ranger is used, then Hive's internal users or roles are not used, instead
Hadoop Common is used to get users and groups. This keeps the users and groups
consistent across all components.
I would prefer the same behavior for HAWQ. But for any reason HAWQ needs to
support it's own users/groups, then they need to be populated in Ranger also.
Since Ranger doesn't have namespace for users, it can't do conflict resolution.
So we will have to do what you suggest. It would be good if we defer it and see
if users really needs it? Because, users using Ranger prefer uniform user and
groups.
Thanks
> Integrate Security with Apache Ranger
> -------------------------------------
>
> Key: HAWQ-256
> URL: https://issues.apache.org/jira/browse/HAWQ-256
> Project: Apache HAWQ
> Issue Type: New Feature
> Components: PXF, Security
> Reporter: Michael Andre Pearce (IG)
> Assignee: Lili Ma
> Fix For: backlog
>
>
> Integrate security with Apache Ranger for a unified Hadoop security solution.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
