hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Purtell (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-12640) Add doAs support for Thrift Server
Date Fri, 05 Dec 2014 18:45:14 GMT

    [ https://issues.apache.org/jira/browse/HBASE-12640?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14235875#comment-14235875
] 

Andrew Purtell commented on HBASE-12640:
----------------------------------------

Thrift over HTTP/HTTPS? There's a lot more here than just doAs support in the Thrift server.


Why Thrift over HTTP with SSL authentication? Doesn't Thrift support SASL? (I think it does.)
Does that make more sense? All of our client access methods use Kerberos authentication except
for hbase-rest, which already provides support for data access over HTTP/HTTPS. We need a
HBase access via HTTP option in Thrift too?

> Add doAs support for Thrift Server
> ----------------------------------
>
>                 Key: HBASE-12640
>                 URL: https://issues.apache.org/jira/browse/HBASE-12640
>             Project: HBase
>          Issue Type: Improvement
>          Components: Thrift
>            Reporter: Srikanth Srungarapu
>            Assignee: Srikanth Srungarapu
>         Attachments: HBASE-12640_v1.patch
>
>
> In HBASE-11349, impersonation support has been added to Thrift Server. But the limitation
is thrift client must use same set of credentials throughout the session. These changes will
help us in circumventing this problem, by allowing user to populate doAs parameter as per
his needs. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message