hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alejandro Abdelnur (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-5050) [rest] SPNEGO-based authentication
Date Fri, 16 Dec 2011 17:30:31 GMT

    [ https://issues.apache.org/jira/browse/HBASE-5050?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13171086#comment-13171086

Alejandro Abdelnur commented on HBASE-5050:

Hadoop 0.23 onwards has a hadoop-auth artifact that provides SPNEGO/Kerberos authentication
for webapps via a filter. You should consider using it. You don't have to move Hbase to 0.23
for that, just consume the hadoop-auth artifact, which has no dependencies on the rest of
Hadoop 0.23 artifacts.
> [rest] SPNEGO-based authentication
> ----------------------------------
>                 Key: HBASE-5050
>                 URL: https://issues.apache.org/jira/browse/HBASE-5050
>             Project: HBase
>          Issue Type: Improvement
>          Components: rest, security
>            Reporter: Andrew Purtell
> Currently the REST gateway can authenticate to a HBase cluster using a preconfigured
principal. This provides a limited form of secure operation where one or more gateways can
be deployed with distinct principals granting appropriate levels of privilege, but the service
ports must be protected through network ACLs. This is at best a stopgap.
> SPNEGO is the standard mechanism for Kerberos authentication over HTTP. Enhance the REST
gateway such that it provides this option, and issues requests to the HBase cluster with the
established context.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


View raw message