[
https://issues.apache.org/jira/browse/HAWQ-256?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15438560#comment-15438560
]
Don Bosco Durai commented on HAWQ-256:
--------------------------------------
I agree. We can disable grant/revoke on the HAWQ side it Ranger is enabled. I
feel, those using Ranger will prefer to manage the policies from one place.
Also, even if we support GRANT/REVOKE from the HAWQ SQL command, we shouldn't
expect that the behavior will be same when Ranger is enabled. E.g. Currently,
when you give delegated admin privilege to any user (e.g. user 1) for the
resource, then user1 can give any access to other users (e.g. user2) for that
resource regardless what permission user1 has. This addresses use case where
you don't want Admin to read/write, but be able to manage permissions for
others.
> Integrate Security with Apache Ranger
> -------------------------------------
>
> Key: HAWQ-256
> URL: https://issues.apache.org/jira/browse/HAWQ-256
> Project: Apache HAWQ
> Issue Type: New Feature
> Components: PXF, Security
> Reporter: Michael Andre Pearce (IG)
> Assignee: Lili Ma
> Fix For: backlog
>
> Attachments: HAWQRangerSupportDesign.pdf
>
>
> Integrate security with Apache Ranger for a unified Hadoop security solution.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
