Where SASL is used for authentication users can request to authenticate as themselves but to be authorized to connect to the server as a different user.

A couple of examples where this could be used: -

• A user granting access to another user to log into their account.
• A user with two levels of access e.g. normal and admin and requesting they have admin level access.

Another area we are looking to use this feature is where one server connects to another server but want to be able to run requests on the remote server using the identity of a specified user.

This Jira issue is to enhance the security realms to allow for trust permissions to be defined - initially this will be local to a single realm but will subsequently be opened up to work across different realms.