Re: Delegation tokens?

Thanks for the info Sravya. Are you proposing a cache in the Java Sentry Client? That could potentially be useful. The dedicated service is necessary primarily because programs run in YARN as the users who submitted the programs. These users are not expected to be whitelisted in the Sentry

Re: Delegation tokens?

Thanks for bringing this up Bhooshan! Apache Sentry does not support delegation tokens yet. Looking at your use case, it seems like cache with strong (near strong) freshness guarantees is the key requirement here. Sentry does plan to support a way to store delta changes and serve these deltas

Re: Delegation tokens?

Hi Folks, Any thoughts? - Bhooshan On Sat, Jul 30, 2016 at 8:33 AM, Bhooshan Mogal wrote: > Hi, > > Does the Sentry Service provide delegation tokens for processes without > Kerberos credentials to communicate with it (from YARN containers). > > > Use case: We have