You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hbase.apache.org by "Jimmy Xiang (JIRA)" <ji...@apache.org> on 2013/06/03 18:45:21 UTC

[jira] [Commented] (HBASE-8660) [rest] support secure REST access

    [ https://issues.apache.org/jira/browse/HBASE-8660?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13673300#comment-13673300 ] 

Jimmy Xiang commented on HBASE-8660:
------------------------------------

Very good points.  HTTPS will add overhead for sure.  Fortunately, it is optional, and SPNEGO/Kerbos doesn't require HTTPS.  So HTTPS can be enabled only if it is absolutely needed.
                
> [rest] support secure REST access
> ---------------------------------
>
>                 Key: HBASE-8660
>                 URL: https://issues.apache.org/jira/browse/HBASE-8660
>             Project: HBase
>          Issue Type: Improvement
>          Components: REST, security
>            Reporter: Jimmy Xiang
>
> REST interface is accessed over http, which is most likely done from outside of a HBase cluster, perhaps over internet.  It will be great if we can make it secure.  To be secure, we need to:
> 1. authenticate the caller,
> 2. check authorization if needed,
> 3. make the connection secure (https)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira