You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hbase.apache.org by "Andrew Purtell (JIRA)" <ji...@apache.org> on 2015/04/02 02:57:53 UTC

[jira] [Comment Edited] (HBASE-13275) Setting hbase.security.authorization to false does not disable authorization

    [ https://issues.apache.org/jira/browse/HBASE-13275?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14391883#comment-14391883 ] 

Andrew Purtell edited comment on HBASE-13275 at 4/2/15 12:57 AM:
-----------------------------------------------------------------

bq. Also, it would be good if we can create a separate jira for adding a unit test (or may be we can add it here too, your call).

I was planning to raise this in a new issue. We can discuss it here though. How comprehensive should those tests be? We could basically duplicate TestAccessController and TestAccessController2 but with all checks changed to confirm passive behavior. That's a lot more units and test execution time!

Not planning to commit now, until more discussion.


was (Author: apurtell):
bq. Also, it would be good if we can create a separate jira for adding a unit test (or may be we can add it here too, your call).

I was planning to raise this in a new issue. We can discuss it here though. How comprehensive should those tests be? We could basically duplicate TestAccessController and TestAccessController but with all checks changed to confirm passive behavior. That's a lot more units and test execution time!

Not planning to commit now, until more discussion.

> Setting hbase.security.authorization to false does not disable authorization
> ----------------------------------------------------------------------------
>
>                 Key: HBASE-13275
>                 URL: https://issues.apache.org/jira/browse/HBASE-13275
>             Project: HBase
>          Issue Type: Bug
>            Reporter: William Watson
>            Assignee: Andrew Purtell
>             Fix For: 2.0.0, 1.0.1, 1.1.0, 0.98.13
>
>         Attachments: HBASE-13275.patch, HBASE-13275.patch
>
>
> According to the docs provided by Cloudera (we're not running Cloudera, BTW), this is the list of configs to enable authorization in HBase:
> {code}
> <property>
>      <name>hbase.security.authorization</name>
>      <value>true</value>
> </property>
> <property>
>      <name>hbase.coprocessor.master.classes</name>
>      <value>org.apache.hadoop.hbase.security.access.AccessController</value>
> </property>
> <property>
>      <name>hbase.coprocessor.region.classes</name>
>      <value>org.apache.hadoop.hbase.security.token.TokenProvider,org.apache.hadoop.hbase.security.access.AccessController</value>
> </property>
> {code}
> We wanted to then disable authorization but simply setting hbase.security.authorization to false did not disable the authorization



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)