Lists the process to permit the mapr user to impersonate other
users.
Impersonation, also known as identity assertion, is one user (the mapr super
user) accessing data and submitting jobs on behalf of another user.
mapr user can impersonate other users.For secure clusters, to have a request processed as an impersonated user:
mapr user and the request
should have the HTTP header X-MAPR-IMPERSONATED-USER, passed in the request.The value of the header is the username of the impersonated user.
"Authorization: Basic
<base64_encoding_of_userID:pwd>" for the apiserver to authorize the
request.Here userID is mapr and the password is the PAM Linux password
for mapr user on the node on which the apiserver is running.
For example:
curl -XPOST -H "Accept: application/json" -H "X-MAPR-IMPERSONATED-USER: m7user1" -H "Authorization: Basic bWFwcjptYXBy" -k https://10.20.30.40:8443/rest/table/create?path=%2Ftmp%2FsrcC -vFor a non-secure cluster, data-fabric requires a file for the user to impersonate in the
/opt/mapr/conf/proxy directory. The logged-in user is allowed to
impersonate only if the /opt/mapr/conf/proxy/<user_to_impersonate> file is
present. By default, this file is created during installation for the mapr
user and the root user. If the file is not present, HTTP 403 is returned to
the client if the client attempts to impersonate a user who does not have the file.