hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mikhail Antonov (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-2016) [DAC] Authentication
Date Fri, 08 Nov 2013 21:45:18 GMT

    [ https://issues.apache.org/jira/browse/HBASE-2016?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13817723#comment-13817723

Mikhail Antonov commented on HBASE-2016:

Yeah, I don't question whether this jira is finished or not, I just thought it may be appropriate
place to ask a few questions which I couldn't answer after reading docs, JIRA and sources.

* it's fair to say direct use of kerberos is the only option today, as with the case of Hadoop
in general.*
Various ecosystem services like Hive or Oozie do support impersonation of end users, thus
bypassing that, and allow end users to be authenticated via pluggable authentication (which
may authenticate users against ldap, mysql database and such). But for HBase Shell there's
no impersonation possible as of now, right, and there're no developments in this direction?

> [DAC] Authentication
> --------------------
>                 Key: HBASE-2016
>                 URL: https://issues.apache.org/jira/browse/HBASE-2016
>             Project: HBase
>          Issue Type: Sub-task
>          Components: security
>            Reporter: Andrew Purtell
>            Assignee: Gary Helmling
> Follow what Hadoop is doing. Authentication via JAAS: 
>     http://issues.apache.org/jira/browse/HADOOP-6299
>     http://java.sun.com/javase/6/docs/technotes/guides/security/jaas/JAASRefGuide.html
> Should support Kerberos, Unix, and LDAP authentication options. 
> Integrate with authentication mechanisms for IPC and HDFS. 

This message was sent by Atlassian JIRA

View raw message