hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gary Helmling (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-2016) [DAC] Authentication
Date Fri, 08 Nov 2013 22:18:18 GMT

    [ https://issues.apache.org/jira/browse/HBASE-2016?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13817750#comment-13817750
] 

Gary Helmling commented on HBASE-2016:
--------------------------------------

It would certainly be possible to implement your own proxy, as Andy describes, which would
need its own kerberos credentials and would perform its own authentication of clients.  But
that doesn't seem like core HBase functionality.  Instead it's putting a proxy in place in
order to circumvent security.

I think the direction for HBase will be to support pluggable authentication of clients at
the RPC layer, using the same mechanisms under development for Hadoop, but unfortunately that
may be some time away.

> [DAC] Authentication
> --------------------
>
>                 Key: HBASE-2016
>                 URL: https://issues.apache.org/jira/browse/HBASE-2016
>             Project: HBase
>          Issue Type: Sub-task
>          Components: security
>            Reporter: Andrew Purtell
>            Assignee: Gary Helmling
>
> Follow what Hadoop is doing. Authentication via JAAS: 
>     http://issues.apache.org/jira/browse/HADOOP-6299
>     http://java.sun.com/javase/6/docs/technotes/guides/security/jaas/JAASRefGuide.html
> Should support Kerberos, Unix, and LDAP authentication options. 
> Integrate with authentication mechanisms for IPC and HDFS. 



--
This message was sent by Atlassian JIRA
(v6.1#6144)

Mime
View raw message