accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Christopher Tubbs (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ACCUMULO-2815) Kerberos authentication for clients
Date Tue, 13 Jan 2015 19:38:35 GMT

    [ https://issues.apache.org/jira/browse/ACCUMULO-2815?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14275778#comment-14275778
] 

Christopher Tubbs commented on ACCUMULO-2815:
---------------------------------------------

That's okay. I was just thinking SSL in Accumulo.

But, now that you mention it, I was kind of assuming HDFS/ZK were set up the same on all these
scenarios (either with or without Kerberos). Are you suggesting that is not the case? That
the HDFS settings are also configured with the above Kerberos settings (or none)?


> Kerberos authentication for clients
> -----------------------------------
>
>                 Key: ACCUMULO-2815
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-2815
>             Project: Accumulo
>          Issue Type: Improvement
>          Components: client
>            Reporter: Josh Elser
>            Assignee: Josh Elser
>             Fix For: 1.7.0
>
>
> We have server authentication via Kerberos, but we don't have a way for clients to connect
to Accumulo using Kerberos.
> HBase context: http://hbase.apache.org/book/security.html#d248e5472
> We'll have to look into how Authorizations and Permissions are assigned to these users
and make sure the ZK-backed security mechanisms can still support this. It would be nice to
not have to make a completely separate auth/permission mechanism when kerberos is being used.
> As far as configuration, I imagine this would be a great fit for the often-proposed client-side
configuration idea.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message