It seems to me that for phase 1, we should only have this as connection level property and have the list of proxy users as a static bootstrap option. Drill doesn't have a very granular privilege model other than admins vs non-admins, so till then exposing this via system options seems like a risk to me from a security standpoint.
-Neeraja On Mon, Feb 22, 2016 at 9:59 AM, Sudheesh Katkam <skat...@maprtech.com> wrote: > “… when creating this connection, as part of the connection properties > (JDBC, C++ Client), the application passes the end user’s identity (e.g. > username) …” > > I had written the change user as a session option as part of the > enhancement only, where you’ve pointed out a better way. I addressed your > comments on the doc. > > Thank you, > Sudheesh > > > On Feb 22, 2016, at 9:49 AM, Jacques Nadeau <jacq...@dremio.com> wrote: > > > > Maybe I misunderstood the design document. > > > > I thought this was how the user would be changed: "Provide a way to > change > > the user after the connection is made (details) through a session option" > > > > Did I miss something? > > > > > > > > > > > > > > -- > > Jacques Nadeau > > CTO and Co-Founder, Dremio > > > > On Mon, Feb 22, 2016 at 9:06 AM, Neeraja Rentachintala < > > nrentachint...@maprtech.com> wrote: > > > >> Jacques, > >> I think the current proposal by Sudheesh is an API level change to pass > >> this additional end user id during the connection establishment. > >> Can you elaborate what you mean by random query. > >> > >> -Neeraja > >> > >> On Sun, Feb 21, 2016 at 5:07 PM, Jacques Nadeau <jacq...@dremio.com> > >> wrote: > >> > >>> Sudheesh, thanks for putting this together. Reviewing Oracle > >> documentation, > >>> they expose this at the API level rather than through a random query. I > >>> think we should probably model after that rather than invent a new > >>> mechanism. This also means we can avoid things like query parsing, > >>> execution roundtrip, query profiles, etc to provide this functionality. > >>> > >>> See here: > >>> > >>> > https://docs.oracle.com/cd/B28359_01/java.111/b31224/proxya.htm#BABEJEIA > >>> > >>> -- > >>> Jacques Nadeau > >>> CTO and Co-Founder, Dremio > >>> > >>> On Fri, Feb 19, 2016 at 2:18 PM, Keys Botzum <kbot...@maprtech.com> > >> wrote: > >>> > >>>> This is a great feature to add to Drill and I'm excited to see design > >> on > >>>> it starting. > >>>> > >>>> The ability for an intermediate server that is likely already > >>>> authenticating end users, to send end user identity down to Drill adds > >> a > >>>> key element into an end to end secure design by enabling Drill and the > >>> back > >>>> end systems to see the real user and thus perform meaningful > >>> authorization. > >>>> > >>>> Back when I was building many JEE applications I know the DBAs where > >> very > >>>> frustrated that the application servers blinded them to the identity > of > >>> the > >>>> end user accessing important corporate data. When JEE application > >> servers > >>>> and databases finally added the ability to impersonate that addressed > a > >>> lot > >>>> of security concerns. Of course this isn't a perfect solution and I'm > >>> sure > >>>> others will recognize that in some scenarios impersonation isn't the > >> best > >>>> approach, but having that as an option in Drill is very valuable. > >>>> > >>>> Keys > >>>> _______________________________ > >>>> Keys Botzum > >>>> Senior Principal Technologist > >>>> kbot...@maprtech.com <mailto:kbot...@maprtech.com> > >>>> 443-718-0098 > >>>> MapR Technologies > >>>> http://www.mapr.com <http://www.mapr.com/> > >>>>> On Feb 19, 2016, at 4:49 PM, Sudheesh Katkam <skat...@maprtech.com> > >>>> wrote: > >>>>> > >>>>> Hey y’all, > >>>>> > >>>>> I plan to work on DRILL-4281 < > >>>> https://issues.apache.org/jira/browse/DRILL-4281>: support for > >>>> inbound/client impersonation. Please review the design document < > >>>> > >>> > >> > https://docs.google.com/document/d/1g0KgugVdRbbIxxZrSCtO1PEHlvwczTLDb38k-npvwjA > >>>> , > >>>> which is open for comments. There is also a link to proof-of-concept > >>>> (slightly hacky). > >>>>> > >>>>> Thank you, > >>>>> Sudheesh > >>>> > >>>> > >>> > >> > >
