Thanks, Appy. Big thanks for making sure this change was documented during the patch review, as well! It seems maybe this notice should have gone to the users@ list, as well.
On Thu, Feb 22, 2018 at 4:02 PM Apekshit Sharma <a...@cloudera.com> wrote: > Default value for hbase.security.authorization has been changed from true > to false. Secured clusters should make sure to explicitly set it to true in > XML configuration file before upgrading to one of these versions. ( > https://issues.apache.org/jira/browse/HBASE-19483) > > True as default value of hbase.security.authorization doesn't make any > sense, since not all clusters need authorization. (History: HBASE-13275 > <https://issues.apache.org/jira/browse/HBASE-13275>) Rather, only the > clusters which need authorization should set this config as false. Going > further, setting this config should be single switch to enable/disable > authorization, conditional on appropriate coprocessors loaded (a condition > we'll try to remove in future by incorporating access control directly into > hbase as core feature rather then as coprocessor). > > -- Appy >