accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Josh Elser (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ACCUMULO-2815) Kerberos authentication for clients
Date Tue, 13 Jan 2015 19:34:36 GMT

    [ https://issues.apache.org/jira/browse/ACCUMULO-2815?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14275768#comment-14275768
] 

Josh Elser commented on ACCUMULO-2815:
--------------------------------------

I do not, but I'll try to run some. It won't be entirely accurate since it will only be representative
of the Accumulo level (and not HDFS and ZK). I'm not sure you can get encryption of both HDFS
and ZK with SSL.

> Kerberos authentication for clients
> -----------------------------------
>
>                 Key: ACCUMULO-2815
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-2815
>             Project: Accumulo
>          Issue Type: Improvement
>          Components: client
>            Reporter: Josh Elser
>            Assignee: Josh Elser
>             Fix For: 1.7.0
>
>
> We have server authentication via Kerberos, but we don't have a way for clients to connect
to Accumulo using Kerberos.
> HBase context: http://hbase.apache.org/book/security.html#d248e5472
> We'll have to look into how Authorizations and Permissions are assigned to these users
and make sure the ZK-backed security mechanisms can still support this. It would be nice to
not have to make a completely separate auth/permission mechanism when kerberos is being used.
> As far as configuration, I imagine this would be a great fit for the often-proposed client-side
configuration idea.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message