You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hbase.apache.org by "Andrew Purtell (JIRA)" <ji...@apache.org> on 2014/05/12 05:51:16 UTC

[jira] [Resolved] (HBASE-9929) Trusted administration server

     [ https://issues.apache.org/jira/browse/HBASE-9929?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Andrew Purtell resolved HBASE-9929.
-----------------------------------

    Resolution: Not a Problem

Seems resolved as not a problem by consensus. Reopen if I have that wrong

> Trusted administration server
> -----------------------------
>
>                 Key: HBASE-9929
>                 URL: https://issues.apache.org/jira/browse/HBASE-9929
>             Project: HBase
>          Issue Type: New Feature
>            Reporter: Andrew Purtell
>
> Some deployments would like to avoid needing kerberos principals for taking administrative actions with the HBase shell, substituting their own authentication. The HBase shell is a regular HBase client, which could run anywhere, and cannot be trusted with simple authentication or impersonation of arbitrary users. 
> Other Hadoop ecosystem components have a service process registered in cluster configuration afforded the elevated privilege of impersonation. For HBase, this could be a trusted administration server that would reside at a fixed location, could be trusted to impersonate, with the shell modified to optionally proxy administrative commands through it.
> Carried over from HBASE-2016 without comment.



--
This message was sent by Atlassian JIRA
(v6.2#6252)