hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Josh Elser (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-17701) Add HadoopAuthFilterInitializer to use hadoop-auth AuthenticationFilter for hbase web ui
Date Fri, 03 Mar 2017 23:43:45 GMT

    [ https://issues.apache.org/jira/browse/HBASE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15895259#comment-15895259
] 

Josh Elser commented on HBASE-17701:
------------------------------------

bq.  If HBase uses AuthenticationFilter, HBase will load the hadoop.http.authentication.*
configurations from core-site.xml, in that way, the HBase ui can be authenticated by the way
hadoop does. 

I don't think we want to tie HBase to the same configuration properties that Hadoop uses.
That seems very brittle as we require Hadoop's configuration files on the classpath. I would
think that we would want our own configuration properties.

Anyways, if you can be more specific about the kind of authentication you think is missing
(I don't know what token authentication means at a glance), and write some tests to show it
working, that would be a good addition.

> Add HadoopAuthFilterInitializer to use hadoop-auth AuthenticationFilter for hbase web
ui
> ----------------------------------------------------------------------------------------
>
>                 Key: HBASE-17701
>                 URL: https://issues.apache.org/jira/browse/HBASE-17701
>             Project: HBase
>          Issue Type: Improvement
>          Components: UI
>    Affects Versions: 1.2.4
>            Reporter: Pan Yuxuan
>         Attachments: HBASE-17701.v1.patch
>
>
> The HBase web UI is none secure by default, there is only one StaticUserWebFilter for
a fake user.
> For Hadoop, we already have AuthenticationFilter for web authentication based on token
or kerberos. So I think hbase can reuse the hadoop-auth AuthenticationFilter by adding a HadoopAuthFilterInitializer.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message