GitHub user mostafa4del1 created a discussion: How to add fine grained Authorization to Kyuubi REST APIs?
I’ve implemented custom authentication, which works well, but I’m unable to enforce fine-grained authorization on the REST APIs. For example, I want to prevent users from terminating other users’ sessions, and I’d like to restrict certain admin resource functionality only to super admin users. Currently, I don’t see any solution for this: the documentation mentions AuthZ, but it doesn’t apply to REST API authorization, and from reviewing the code, there doesn’t appear to be any authorization filter layer in place. GitHub link: https://github.com/apache/kyuubi/discussions/7185 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
