hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Purtell (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-13275) Setting hbase.security.authorization to false does not disable authorization when AccessController is in the coprocessor class list
Date Thu, 19 Mar 2015 00:39:40 GMT

    [ https://issues.apache.org/jira/browse/HBASE-13275?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14368238#comment-14368238
] 

Andrew Purtell commented on HBASE-13275:
----------------------------------------

We'll need a companion change in the VisibilityController too.

The presence or absence of the coprocessors in the system or table coprocessor list has been
serving as the authorization toggle.

I suppose an argument against any fix beyond documentation is there is no utility of having
the coprocessors installed but inactive. 

> Setting hbase.security.authorization to false does not disable authorization when AccessController
is in the coprocessor class list
> -----------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: HBASE-13275
>                 URL: https://issues.apache.org/jira/browse/HBASE-13275
>             Project: HBase
>          Issue Type: Bug
>            Reporter: William Watson
>            Assignee: Andrew Purtell
>
> According to the docs provided by Cloudera (we're not running Cloudera, BTW), this is
the list of configs to enable authorization in HBase:
> {code}
> <property>
>      <name>hbase.security.authorization</name>
>      <value>true</value>
> </property>
> <property>
>      <name>hbase.coprocessor.master.classes</name>
>      <value>org.apache.hadoop.hbase.security.access.AccessController</value>
> </property>
> <property>
>      <name>hbase.coprocessor.region.classes</name>
>      <value>org.apache.hadoop.hbase.security.token.TokenProvider,org.apache.hadoop.hbase.security.access.AccessController</value>
> </property>
> {code}
> We wanted to then disable authorization but simply setting hbase.security.authorization
to false did not disable the authorization



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message