You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hbase.apache.org by GitBox <gi...@apache.org> on 2019/12/12 21:19:51 UTC

[GitHub] [hbase] joshelser commented on issue #936: HBASE-17115 Define UI admins via an ACL

joshelser commented on issue #936: HBASE-17115 Define UI admins via an ACL
URL: https://github.com/apache/hbase/pull/936#issuecomment-565191500
 
 
   Testing I've done:
   * New unit tests
   * Explicit admin user defined in configuration (`hbase.security.authentication.spnego.admin.users`)
   * `curl` with both the admin and a non-admin
   * The above along with `hbase.master.ui.readonly=true` as well.
   
   If admins are set, that will limit who can interact with sensitive endpoints. Setting readonly=true will further restrict the system and disallow anyone (including admins) from modifying hbase via the UI.
   
   I think this maintains all of the previous semantics folks would expect, while letting the security-conscious lock things down.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services