[
https://issues.apache.org/jira/browse/HBASE-9897?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andrew Kyle Purtell resolved HBASE-9897.
----------------------------------------
Resolution: Incomplete
> Clean up some security configuration checks in LoadIncrementalHFiles
> --------------------------------------------------------------------
>
> Key: HBASE-9897
> URL: https://issues.apache.org/jira/browse/HBASE-9897
> Project: HBase
> Issue Type: Task
> Components: security
> Reporter: Gary Helmling
> Priority: Major
>
> In LoadIncrementalHFiles, use of SecureBulkLoadClient is conditioned on
> UserProvider.isHBaseSecurityEnabled() in a couple of places. However, use of
> secure bulk loading seems to be required more by use of HDFS secure
> authentication, instead of HBase secure authentication. It should be
> possible to use secure bulk loading, as long as SecureBulkLoadEndpoint is
> loaded, and HDFS secure authentication is enabled, regardless of the HBase
> authentication configuration.
> In addition, SecureBulkLoadEndpoint does a direct check on permissions by
> referencing AccessController loaded on the same region, i.e.:
> {code}
> getAccessController().prePrepareBulkLoad(env);
> {code}
> It seems like this will throw an NPE if AccessController is not configured.
> We need an additional null check to handle this case gracefully.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
