hbase-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gary Helmling (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HBASE-14700) Support a "permissive" mode for secure clusters to allow "simple" auth clients
Date Mon, 26 Oct 2015 22:59:27 GMT
Gary Helmling created HBASE-14700:
-------------------------------------

             Summary: Support a "permissive" mode for secure clusters to allow "simple" auth
clients
                 Key: HBASE-14700
                 URL: https://issues.apache.org/jira/browse/HBASE-14700
             Project: HBase
          Issue Type: Improvement
          Components: security
            Reporter: Gary Helmling
            Assignee: Gary Helmling


When implementing HBase security for an existing cluster, it can be useful to support mixed
secure and insecure clients while all client configurations are migrated over to secure authentication.
 

We currently have an option to allow secure clients to fallback to simple auth against insecure
clusters.  By providing an analogous setting for servers, we would allow a phased rollout
of security:
#. First, security can be enabled on the cluster servers, with the "permissive" mode enabled
#. Clients can be converting to using secure authentication incrementally
#. The server audit logs allow identification of clients still using simple auth to connect
#. Finally, when sufficient clients have been converted to secure operation, the server-side
"permissive" mode can be removed, allowing completely secure operation.

Obviously with this enabled, there is no effective access control, but this would still be
a useful tool to enable a smooth operational rollout of security.  Permissive mode would of
course be disabled by default.  Enabling it should provide a big scary warning in the logs
on startup, and possibly be flagged on relevant UIs.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message