Uploaded image for project: 'Drivers'
  1. Drivers
  2. DRIVERS-645

Ability to impersonate other users

    XMLWordPrintable

Details

    • Epic
    • Status: Closed
    • Major - P3
    • Resolution: Fixed
    • None

    Description

      Epic Summary

      Summary

      Allow privileged users to gain or shed privileges for particular operations.

      Motivation

      Some applications perform database operations with a single privileged account on the behalf of multiple clients. These clients use some form of application level authentication and authorization in order to gain access to privileged resources. Applications must be carefully written to ensure that its authorization model is strictly enforced.

      Using this functionality, an application would be able to temporarily scope its database privileges to those required to perform operations for a particular client. This would mitigate some of the risk of a client attempting to bypass the application authorization model and manipulate database resources that it shouldn't be able to access.

      Lead : Jeff
      Author : Divjot
      POCs : GO

      Documentation

      Scope Document
      Technical Design Document

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              rathi.gnanasekaran Rathi Gnanasekaran
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: