Maybe the doc should say that Drill supports impersonation through web console. These clients use Java client library, just like JDBC.
Note that *inbound* impersonation is not supported yet because Drill does not expose an “impersonation_target” field through the web login form. Thank you, Sudheesh > On Dec 21, 2016, at 10:08 AM, Akihiko Kusanagi <akusan...@maprtech.com> wrote: > > Hi, > > The 'Impersonation Support' table In the following page says that > impersonation > is not supported with Drill Web Console or REST API. > http://drill.apache.org/docs/configuring-user-impersonation/ > > However, when authentication and impersonation are enabled, impersonation is > in effect through Web UI. > > $ cat drill-override.conf > ... > drill.exec: { > ... > impersonation: { > enabled: true > }, > ... > > Only mapr user has read permission for nation.parquet, and Drillbit is > running as mapr user. > > $ hadoop fs -ls /sample-data > ... > drwx------ - mapr mapr 1210 2016-01-11 19:58 nation.parquet > ... > > Then, login as the other user via Drill Web UI, and run this query: > > select * from dfs.`/sample-data/nation.parquet` > > This returns the following error, so it seems that impersonation is in > effect. > > Query Failed: An Error Occurred > org.apache.drill.common.exceptions.UserRemoteException: SYSTEM ERROR: > IOException: 2049.177.8452826 /sample-data/nation.parquet (Input/output > error) Fragment 0:0 [Error Id: 91684467-8a4f-4fb8-8ad7-6ee04b7f8f53 on > node3:31010] > > When drill.exec.impersonation.enabled = false, the query above returns > multiple rows. > > Is this expected behavior? Does the document need to be updated? > > Thanks, > Aki
