You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ambari.apache.org by "Emil Anca (JIRA)" <ji...@apache.org> on 2015/05/19 16:01:59 UTC

[jira] [Created] (AMBARI-11238) When Kerberizing a cluster with Ranger HBase plugin enabled, HBase coprocessor properties in hbase-site are overwritten (and breaks Ranger HBase plugin)

Emil Anca created AMBARI-11238:
----------------------------------

             Summary: When Kerberizing a cluster with Ranger HBase plugin enabled, HBase coprocessor properties in hbase-site are overwritten (and breaks Ranger HBase plugin)
                 Key: AMBARI-11238
                 URL: https://issues.apache.org/jira/browse/AMBARI-11238
             Project: Ambari
          Issue Type: Bug
          Components: ambari-server
    Affects Versions: 2.0.0
            Reporter: Emil Anca
            Priority: Critical
             Fix For: 2.1.0


STR:
1. Install HDP 2.2 cluster.
2. Add Ranger to the cluster via Add Service Wizard. While Ranger is added, enable Ranger HBase plugin. This changes the following properties in hbase-site:
hbase.coprocessor.master.classes: com.xasecure.authorization.hbase.XaSecureAuthorizationCoprocessor
hbase.coprocessor.region.classes: org.apache.hadoop.hbase.security.token.TokenProvider,org.apache.hadoop.hbase.security.access.SecureBulkLoadEndpoint,com.xasecure.authorization.hbase.XaSecureAuthorizationCoprocessor
3. Kerberization API, resets the following properties in hbase-site and invalidates settings that are needed for Ranger HBase plugin:
"hbase.coprocessor.master.classes": "org.apache.hadoop.hbase.security.access.AccessController"
"hbase.coprocessor.region.classes": "org.apache.hadoop.hbase.security.token.TokenProvider,org.apache.hadoop.hbase.security.access.SecureBulkLoadEndpoint,org.apache.hadoop.hbase.security.access.AccessController"



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)