You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hbase.apache.org by "Nick Dimiduk (JIRA)" <ji...@apache.org> on 2017/02/21 06:15:44 UTC

[jira] [Updated] (HBASE-17513) Thrift Server 1 uses different QOP settings than RPC and Thrift Server 2 and can easily be misconfigured so there is no encryption when the operator expects it.

     [ https://issues.apache.org/jira/browse/HBASE-17513?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Nick Dimiduk updated HBASE-17513:
---------------------------------
    Fix Version/s:     (was: 1.1.9)
                   1.1.10

> Thrift Server 1 uses different QOP settings than RPC and Thrift Server 2 and can easily be misconfigured so there is no encryption when the operator expects it.
> ----------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: HBASE-17513
>                 URL: https://issues.apache.org/jira/browse/HBASE-17513
>             Project: HBase
>          Issue Type: Bug
>          Components: documentation, security, Thrift, Usability
>    Affects Versions: 2.0.0, 1.2.0, 1.3.0, 0.98.15, 1.0.3, 1.1.3
>            Reporter: Sean Busbey
>            Priority: Critical
>             Fix For: 2.0.0, 1.3.1, 1.2.5, 1.1.10
>
>
> As of HBASE-14400 the setting {{hbase.thrift.security.qop}} was unified to behave the same as the general HBase RPC protection. However, this only happened for the Thrift2 server. The Thrift server found in the thrift package (aka Thrift Server 1) still hard codes the old configs of 'auth', 'auth-int', and 'auth-conf'.
> Additionally, these Quality of Protection (qop) settings are used only by the SASL transport. If a user configures the HBase Thrift Server to make use of the HTTP transport (to enable doAs proxying e.g. for Hue) then a QOP setting of 'privacy' or 'auth-conf' won't get them encryption as expected.
> We should
> 1) update {{hbase-thrift/src/main/.../thrift/ThriftServerRunner}} to rely on {{SaslUtil}} to use the same 'authentication', 'integrity', 'privacy' configs in a backward compatible way
> 2) also have ThriftServerRunner warn when both {{hbase.thrift.security.qop}} and {{hbase.regionserver.thrift.http}} are set, since the latter will cause the former to be ignored. (users should be directed to {{hbase.thrift.ssl.enabled}} and related configs to ensure their transport is encrypted when using the HTTP transport.)



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)