[DRIVERS-645] Ability to impersonate other users Created: 29/Apr/19  Updated: 28/Oct/23  Resolved: 05/May/20

Status: Closed
Project: Drivers
Component/s: None
Fix Version/s: None

Type: Epic Priority: Major - P3
Reporter: Rathi Gnanasekaran Assignee: Unassigned
Resolution: Fixed Votes: 0
Labels: driver-planning-backlog
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
depends on GODRIVER-1392 Ability to impersonate other users Closed
Quarter: FY20Q3
Driver Compliance:
Key Status/Resolution FixVersion
GODRIVER-1392 Won't Do

 Description   
Epic Summary

Summary

Allow privileged users to gain or shed privileges for particular operations.

Motivation

Some applications perform database operations with a single privileged account on the behalf of multiple clients. These clients use some form of application level authentication and authorization in order to gain access to privileged resources. Applications must be carefully written to ensure that its authorization model is strictly enforced.

Using this functionality, an application would be able to temporarily scope its database privileges to those required to perform operations for a particular client. This would mitigate some of the risk of a client attempting to bypass the application authorization model and manipulate database resources that it shouldn't be able to access.

Lead : Jeff
Author : Divjot
POCs : GO

Documentation

Scope Document
Technical Design Document


Generated at Thu Feb 08 08:22:01 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.