You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@phoenix.apache.org by lk_phoenix <lk...@163.com> on 2016/12/05 06:52:47 UTC
how to security phoenix
hi,all:
I want to know how to add access contorl to the table I create by phoenix .
I need to add the privilege through hbase?
2016-12-05
lk_phoenix
Re: how to security phoenix
Posted by Josh Elser <jo...@gmail.com>.
The only strong authentication for HBase is via Kerberos. The user name
is handled by the transport in this case.
"SIMPLE" HBase RPC authentication is not secure and doesn't go farther
than "please don't impersonate others". I'm not positive, but I think
your operation system user would be used. Because this is not secure,
it's not wired up to the JDBC user/password properties.
If you wrap invocations of the JDBC driver in a
UserGroupInformation.doAs(..) call, this might work (but again, not
tested because it's not actually secure).
The 'C' in your grant statement is for "CREATE" not "connect". You are
conflating authentication and authorization. Please do some research if
the difference between the two is not clear.
lk_phoenix wrote:
> if I use phoenix JDBC driver \uff0chow to pass user name to hbase?
> for example :
> hbase(main):012:0> grant 'user01', 'CR'
> so,user01 can connect and read tables by JDBC driver,
> but my client pc only have one user named : 201
> 2016-12-06
> ------------------------------------------------------------------------
> lk_phoenix
> ------------------------------------------------------------------------
>
> *\u53d1\u4ef6\u4eba\uff1a*Josh Elser <jo...@gmail.com>
> *\u53d1\u9001\u65f6\u95f4\uff1a*2016-12-05 23:41
> *\u4e3b\u9898\uff1a*Re: how to security phoenix
> *\u6536\u4ef6\u4eba\uff1a*"user"<us...@phoenix.apache.org>
> *\u6284\u9001\uff1a*
> Yes, use the HBase-provided access control mechanisms.
> lk_phoenix wrote:
> > hi,all:
> > I want to know how to add access contorl to the table I create by
> phoenix .
> > I need to add the privilege through hbase?
> > 2016-12-05
> >
> ------------------------------------------------------------------------
>
> > lk_phoenix
Re: Re: how to security phoenix
Posted by lk_phoenix <lk...@163.com>.
if I use phoenix JDBC driver ,how to pass user name to hbase?
for example :
hbase(main):012:0> grant 'user01', 'CR'
so,user01 can connect and read tables by JDBC driver,
but my client pc only have one user named : 201
2016-12-06
lk_phoenix
发件人:Josh Elser <jo...@gmail.com>
发送时间:2016-12-05 23:41
主题:Re: how to security phoenix
收件人:"user"<us...@phoenix.apache.org>
抄送:
Yes, use the HBase-provided access control mechanisms.
lk_phoenix wrote:
> hi,all:
> I want to know how to add access contorl to the table I create by phoenix .
> I need to add the privilege through hbase?
> 2016-12-05
> ------------------------------------------------------------------------
> lk_phoenix
Re: how to security phoenix
Posted by Josh Elser <jo...@gmail.com>.
Yes, use the HBase-provided access control mechanisms.
lk_phoenix wrote:
> hi,all:
> I want to know how to add access contorl to the table I create by phoenix .
> I need to add the privilege through hbase?
> 2016-12-05
> ------------------------------------------------------------------------
> lk_phoenix