hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aditya Kishore (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-12231) REST gateway authentication should be independent of Hadoop/HBase security configuration.
Date Fri, 10 Oct 2014 23:25:34 GMT

    [ https://issues.apache.org/jira/browse/HBASE-12231?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14167769#comment-14167769
] 

Aditya Kishore commented on HBASE-12231:
----------------------------------------

There are subtle differences between the two authentication mode, one being HBase RPC authentication
other Web authenticator, and same configuration would exactly not apply by default.

For example the 'kerberos' mode at REST server would require and additional "HTTP/_HOST@REALM"
principal be created and specified. Hence I think these two must remain decoupled.

> REST gateway authentication should be independent of Hadoop/HBase security configuration.
> -----------------------------------------------------------------------------------------
>
>                 Key: HBASE-12231
>                 URL: https://issues.apache.org/jira/browse/HBASE-12231
>             Project: HBase
>          Issue Type: Improvement
>          Components: REST
>    Affects Versions: 0.98.6.1
>            Reporter: Aditya Kishore
>            Assignee: Aditya Kishore
>              Labels: authentication, security
>         Attachments: HBASE-12231-REST-gateway-authentication-should-be-in.patch
>
>
> It is reasonable that a user would want to secure the HBase REST interface without having
to incur the cost of securing the entire HBase/Hadoop ecosystem.
> The current implementation does not allow that and needs to be modified.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message