You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hbase.apache.org by GitBox <gi...@apache.org> on 2019/12/12 03:03:18 UTC
[GitHub] [hbase] busbey commented on issue #884: HBASE-23347 Allowable
custom authentication methods for RPCs
busbey commented on issue #884: HBASE-23347 Allowable custom authentication methods for RPCs
URL: https://github.com/apache/hbase/pull/884#issuecomment-564829070
> ## Client fallback
> It looks like we had copied an idea from Hadoop where the client which was configured to auth'n over Kerberos, could fall back to trying to authenticate via SIMPLE. This seems silly to me and is off by default. I see one instance of someone poking at this https://issues.apache.org/jira/browse/HBASE-20993 but I'm missing the "why". I can't think of a reason that we would want to encourage this (not using the correct configuration to talk to HBase).
>
> Am I missing a use-case?
I would suggest asking specifically about this on the mailing list. IIRC the main use case was the ability to enable security on an existing cluster without downtime [HBASE-14700 Support a "permissive" mode for secure clusters to allow "simple" auth clients
](https://issues.apache.org/jira/browse/HBASE-14700)
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services