You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hbase.apache.org by "Andrew Purtell (JIRA)" <ji...@apache.org> on 2013/06/03 21:14:20 UTC

[jira] [Commented] (HBASE-5050) [rest] SPNEGO-based authentication

    [ https://issues.apache.org/jira/browse/HBASE-5050?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13673448#comment-13673448 ] 

Andrew Purtell commented on HBASE-5050:
---------------------------------------

+1
                
> [rest] SPNEGO-based authentication
> ----------------------------------
>
>                 Key: HBASE-5050
>                 URL: https://issues.apache.org/jira/browse/HBASE-5050
>             Project: HBase
>          Issue Type: Sub-task
>          Components: REST, security
>            Reporter: Andrew Purtell
>            Assignee: Jimmy Xiang
>         Attachments: trunk-5050.patch
>
>
> Currently the REST gateway can authenticate to a HBase cluster using a preconfigured principal. This provides a limited form of secure operation where one or more gateways can be deployed with distinct principals granting appropriate levels of privilege, but the service ports must be protected through network ACLs. This is at best a stopgap.
> SPNEGO is the standard mechanism for Kerberos authentication over HTTP. Enhance the REST gateway such that it provides this option, and issues requests to the HBase cluster with the established context.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira