You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hbase.apache.org by "Josh Elser (JIRA)" <ji...@apache.org> on 2017/02/27 16:36:45 UTC

[jira] [Commented] (HBASE-17701) Add HadoopAuthFilterInitializer to use hadoop-auth AuthenticationFilter for hbase web ui

    [ https://issues.apache.org/jira/browse/HBASE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15886080#comment-15886080 ] 

Josh Elser commented on HBASE-17701:
------------------------------------

[~panyuxuan], thanks for the patch, but I believe you're trying to build functionality for something that already exists...

https://github.com/apache/hbase/blob/e68ab09d5ed87272a119e9daa88b8b15f5ff8aae/hbase-server/src/main/java/org/apache/hadoop/hbase/http/HttpServer.java#L906-L939

https://hbase.apache.org/book.html#hbase.secure.spnego.ui

> Add HadoopAuthFilterInitializer to use hadoop-auth AuthenticationFilter for hbase web ui
> ----------------------------------------------------------------------------------------
>
>                 Key: HBASE-17701
>                 URL: https://issues.apache.org/jira/browse/HBASE-17701
>             Project: HBase
>          Issue Type: Improvement
>          Components: UI
>    Affects Versions: 1.2.4
>            Reporter: Pan Yuxuan
>         Attachments: HBASE-17701.v1.patch
>
>
> The HBase web UI is none secure by default, there is only one StaticUserWebFilter for a fake user.
> For Hadoop, we already have AuthenticationFilter for web authentication based on token or kerberos. So I think hbase can reuse the hadoop-auth AuthenticationFilter by adding a HadoopAuthFilterInitializer.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)