Page MenuHomePhabricator
Create Task
Maniphest T250485

Verify if Turnilo can pull data from Druid using Kerberos/TLS
Open, MediumPublic
Actions

Related Objects
Search...

Event Timeline

elukey created this task.Apr 17 2020, 1:17 PM
elukey added a comment.Apr 17 2020, 1:20 PM

There seems to be no support for Kerberos/TLS in Turnilo, see https://github.com/allegro/turnilo/issues/263

Some code will likely need to created and/or upstream convinced about doing it :)

The idea would be to:

  1. authenticate the user via LDAP/CAS in httpd
  2. get the username via header, and then use it to authenticate to Druid (impersonating the user). Turnilo will have to become an hadoop proxy and hold a kerberos keytab.
Milimetric triaged this task as Medium priority.May 7 2020, 4:18 PM
Milimetric moved this task from Incoming to Security Maturity and Data Privacy on the Analytics board.
elukey added a project: Analytics-Clusters.Jun 16 2020, 8:51 AM
elukey moved this task from Backlog to Q1 2021/2022 on the Analytics-Clusters board.Jun 16 2020, 9:31 AM
Aklapper removed a project: Analytics.Jul 4 2020, 7:59 AM
elukey moved this task from Q1 2021/2022 to Q3 2020/2021 on the Analytics-Clusters board.Aug 14 2020, 8:59 AM
Ottomata moved this task from Q3 2020/2021 to Q4 2020/2021 on the Analytics-Clusters board.Mar 15 2021, 4:08 PM
Ottomata removed elukey as the assignee of this task.May 17 2021, 3:36 PM
Ottomata moved this task from Q4 2020/2021 to Triaged but not scheduled yet on the Analytics-Clusters board.
odimitrijevic added a project: Data-Engineering.Dec 3 2021, 10:22 PM
odimitrijevic moved this task from Incoming (new tickets) to Security & Governance on the Data-Engineering board.
JArguello-WMF removed a project: Analytics-Clusters.Feb 24 2023, 12:38 PM
JArguello-WMF moved this task from Security & Governance to Incoming (new tickets) on the Data-Engineering board.Jun 29 2023, 11:44 PM
JArguello-WMF moved this task from Incoming (new tickets) to Radar (External Teams) on the Data-Engineering board.Jun 29 2023, 11:51 PM
BTullis added a project: Data-Platform-SRE.Jul 14 2023, 11:29 PM
BTullis removed a project: Data-Engineering.
Gehel moved this task from Incoming to Security on the Data-Platform-SRE board.Dec 7 2023, 1:56 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL