hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Matteo Bertozzi (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-4791) Allow Secure Zookeeper JAAS configuration to be programmatically set (rather than only by reading JAAS configuration file)
Date Tue, 04 Dec 2012 15:38:59 GMT

    [ https://issues.apache.org/jira/browse/HBASE-4791?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13509802#comment-13509802
] 

Matteo Bertozzi commented on HBASE-4791:
----------------------------------------

[~saint.ack@gmail.com] good catch, "localhost" is not always right, do we have something to
get the "default" localhost, or just InetAddress.getLocalHost().getHostName() is enough?

also it will be nice have this one in 0.94 too, since doesn't break the compatibility.
but we need to upgrade to zookeeper 3.4.5 (currently we're using 3.4.3)
                
> Allow Secure Zookeeper JAAS configuration to be programmatically set (rather than only
by reading JAAS configuration file)
> --------------------------------------------------------------------------------------------------------------------------
>
>                 Key: HBASE-4791
>                 URL: https://issues.apache.org/jira/browse/HBASE-4791
>             Project: HBase
>          Issue Type: Improvement
>          Components: security, Zookeeper
>            Reporter: Eugene Koontz
>            Assignee: Matteo Bertozzi
>              Labels: security, zookeeper
>         Attachments: DemoConfig.java, HBASE-4791-v1.patch, HBASE-4791-v2.patch, HBASE-4791-v3.patch
>
>
> In the currently proposed fix for HBASE-2418, there must be a JAAS file specified in
    System.setProperty("java.security.auth.login.config"). 
> However, it might be preferable to construct a JAAS configuration programmatically, as
is done with secure Hadoop (see https://github.com/apache/hadoop-common/blob/a48eceb62c9b5c1a5d71ee2945d9eea2ed62527b/src/java/org/apache/hadoop/security/UserGroupInformation.java#L175).
> This would have the benefit of avoiding a usage of a system property setting, and allow
instead an HBase-local configuration setting.	

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message