You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hbase.apache.org by "Gary Helmling (JIRA)" <ji...@apache.org> on 2013/11/05 23:58:17 UTC
[jira] [Created] (HBASE-9897) Clean up some security configuration
checks in LoadIncrementalHFiles
Gary Helmling created HBASE-9897:
------------------------------------
Summary: Clean up some security configuration checks in LoadIncrementalHFiles
Key: HBASE-9897
URL: https://issues.apache.org/jira/browse/HBASE-9897
Project: HBase
Issue Type: Task
Components: security
Reporter: Gary Helmling
In LoadIncrementalHFiles, use of SecureBulkLoadClient is conditioned on UserProvider.isHBaseSecurityEnabled() in a couple of places. However, use of secure bulk loading seems to be required more by use of HDFS secure authentication, instead of HBase secure authentication. It should be possible to use secure bulk loading, as long as SecureBulkLoadEndpoint is loaded, and HDFS secure authentication is enabled, regardless of the HBase authentication configuration.
In addition, SecureBulkLoadEndpoint does a direct check on permissions by referencing AccessController loaded on the same region, i.e.:
{code}
getAccessController().prePrepareBulkLoad(env);
{code}
It seems like this will throw an NPE if AccessController is not configured. We need an additional null check to handle this case gracefully.
--
This message was sent by Atlassian JIRA
(v6.1#6144)