hbase-issues mailing list archives

From "Gary Helmling (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HBASE-15025) Allow clients configured with insecure fallback to attempt SIMPLE auth when KRB fails
Date Mon, 25 Jan 2016 20:33:39 GMT

     [ https://issues.apache.org/jira/browse/HBASE-15025?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Gary Helmling updated HBASE-15025:
----------------------------------
    Attachment: HDFS-9700_branch-2.7.patch

The attached patch is against branch-2.7.  For an HBase deployment on secure Hadoop, this
reliably lowers our P95 write latencies from 40ms+ to ~2ms.

I'm still working out how/if these changes apply to trunk.

> Allow clients configured with insecure fallback to attempt SIMPLE auth when KRB fails
> -------------------------------------------------------------------------------------
>
>                 Key: HBASE-15025
>                 URL: https://issues.apache.org/jira/browse/HBASE-15025
>             Project: HBase
>          Issue Type: Improvement
>          Components: security
>            Reporter: Gary Helmling
>            Assignee: Gary Helmling
>
> We have separate configurations for both client and server allowing a "permissive" mode
> where connections to insecure servers and clients (respectively) are allowed.  However, if
> both client and server are configured for Kerberos authentication for a given cluster, and
> Kerberos authentication fails, the connection will still fail if the fallback configurations
> are set to true.
> If the client is configured to allow insecure fallback, and Kerberos authentication fails,
> we could instead have the client retry with SIMPLE auth.  If the server is also configured
> to allow insecure fallback, this would allow the connection to succeed in the case of transient
> problems with Kerberos infrastructure, for example.
> There is of course a danger that this would allow misconfigurations of security to be
> silently ignored, but we can add some loud logging on the client side when fallback to SIMPLE
> auth occurs, plus we have metrics and logging on the server side for fallbacks.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
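
Added example, not part of the original message or the HBase code base: a configuration audit for the risk the issue description names, that with insecure fallback allowed on both sides a Kerberos failure would end in a SIMPLE-auth connection under the proposed behaviour. The property names are HBase's existing authentication and fallback settings; the function names, finding labels and sample hbase-site.xml contents are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# HBase property names (defaults: authentication "simple", both fallbacks "false").
AUTH = "hbase.security.authentication"
CLIENT_FALLBACK = "hbase.ipc.client.fallback-to-simple-auth-allowed"
SERVER_FALLBACK = "hbase.ipc.server.fallback-to-simple-auth-allowed"

def site_xml(props):
    """Build a constructed hbase-site.xml document from a dict (sample data only)."""
    body = "".join(
        f"<property><name>{k}</name><value>{v}</value></property>"
        for k, v in props.items())
    return f"<configuration>{body}</configuration>"

def load_props(xml_text):
    """Parse Hadoop-style <configuration><property> XML into a name -> value dict."""
    props = {}
    for prop in ET.fromstring(xml_text).iter("property"):
        name = (prop.findtext("name") or "").strip()
        if name:
            props[name] = (prop.findtext("value") or "").strip()
    return props

def audit(client_xml, server_xml):
    """Return findings for insecure-fallback settings on a Kerberos-secured cluster."""
    client, server = load_props(client_xml), load_props(server_xml)
    auth_modes = {client.get(AUTH, "simple").lower(), server.get(AUTH, "simple").lower()}
    if "kerberos" not in auth_modes:
        return []  # nothing to downgrade from
    c = client.get(CLIENT_FALLBACK, "false").lower() == "true"
    s = server.get(SERVER_FALLBACK, "false").lower() == "true"
    findings = []
    if c:
        findings.append("client-fallback-enabled")
    if s:
        findings.append("server-fallback-enabled")
    if c and s:
        # Both sides permissive: a failed Kerberos handshake can end in SIMPLE auth.
        findings.append("kerberos-failure-can-downgrade-to-simple")
    return findings

# Constructed sample configurations.
SAMPLE_CLIENT = site_xml({AUTH: "kerberos", CLIENT_FALLBACK: "true"})
SAMPLE_SERVER = site_xml({AUTH: "kerberos", SERVER_FALLBACK: "true"})
STRICT_SERVER = site_xml({AUTH: "kerberos"})

if __name__ == "__main__":
    print(audit(SAMPLE_CLIENT, SAMPLE_SERVER))
    print(audit(SAMPLE_CLIENT, STRICT_SERVER))
```

Run it against the client-side and server-side hbase-site.xml of the same cluster; the third finding is the combination worth alerting on alongside the server-side fallback metrics the description mentions.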
