accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Josh Elser (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ACCUMULO-2815) Kerberos authentication for clients
Date Tue, 13 Jan 2015 20:03:36 GMT

    [ https://issues.apache.org/jira/browse/ACCUMULO-2815?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14275830#comment-14275830
] 

Josh Elser commented on ACCUMULO-2815:
--------------------------------------

No worries. Thanks for asking for clarification. I could see worth in having something to
test this out for development purposes. Having a general idea on end-to-end performance is
probably most useful for users.

I'm not sure if we'd run into any gotchas in trying to actually configure the system this
way. Hopefully not, but time will tell :)



> Kerberos authentication for clients
> -----------------------------------
>
>                 Key: ACCUMULO-2815
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-2815
>             Project: Accumulo
>          Issue Type: Improvement
>          Components: client
>            Reporter: Josh Elser
>            Assignee: Josh Elser
>             Fix For: 1.7.0
>
>
> We have server authentication via Kerberos, but we don't have a way for clients to connect
to Accumulo using Kerberos.
> HBase context: http://hbase.apache.org/book/security.html#d248e5472
> We'll have to look into how Authorizations and Permissions are assigned to these users
and make sure the ZK-backed security mechanisms can still support this. It would be nice to
not have to make a completely separate auth/permission mechanism when kerberos is being used.
> As far as configuration, I imagine this would be a great fit for the often-proposed client-side
configuration idea.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message