hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Josh Elser (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-16829) DemoClient should detect secure mode
Date Fri, 21 Oct 2016 22:10:58 GMT

    [ https://issues.apache.org/jira/browse/HBASE-16829?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15596517#comment-15596517
] 

Josh Elser commented on HBASE-16829:
------------------------------------

{code}
+      int slashIdx = principal.indexOf("/");
+      int atIdx = principal.indexOf("@");
+      int idx = slashIdx != -1 ? slashIdx : atIdx;
+      user = principal.substring(0, idx);
{code}

There is a class somewhere that can do this parsing for you.. org.apache.hadoop.security.authentication.util.KerberosName.
I guess it is marked as LimitedPrivate, so maybe better to just leave it as you have it. Oh,
but the realm is optional, so you should not require that you find an {{@}} symbol.

Otherwise, LGTM.

> DemoClient should detect secure mode
> ------------------------------------
>
>                 Key: HBASE-16829
>                 URL: https://issues.apache.org/jira/browse/HBASE-16829
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Ted Yu
>            Assignee: Ted Yu
>         Attachments: 16829.v1.txt
>
>
> Sometimes user runs DemoClient against secure cluster using the following command:
> {code}
> java -cp `hbase classpath` org.apache.hadoop.hbase.thrift2.DemoClient host 9090
> {code}
> This wouldn't work.
> DemoClient should detect the presence of secure cluster - e.g. through the following
config:
> {code}
>     <property>
>       <name>hbase.thrift.authentication.type</name>
>       <value>kerberos</value>
>     </property>
> {code}
> User can still specify 'false' as the last parameter if the target cluster is insecure.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message