I started working on this and have PutHBaseCell, PutHBaseJSON and FetchHBaseRow working with it. I'm following a loose convention that goes like this:
1. Option of sane default for visibility boolean string where appropriate, but the string is not required. 2. User defines the list of tokens that will be used for the scans and gets so they can control how much of the acceptable range is used (this will be customizable with EL). 3. For JSON data, attributes that follow visibility.COL_FAM.COL_QUAL = X&(Y|Z) is how it'll let the user define different statements for each column. 4. For records, I plan to put a record path property where a user can specify a simple Map<String> in Avro that would provide the equivalent of #3 for records, but would not be added to the Puts. Our environment doesn't have Kerberos enabled. We're just using OS users and manual set_auths to define who can see what in HBase. I don't expect it'll make a difference to NiFi for users that have Kerberos set up properly. Thanks, Mike On Thu, Jun 29, 2017 at 1:25 PM, Bryan Bende <bbe...@gmail.com> wrote: > Mike, > > I don't know of any work being done or any JIRAs that exist for this, > but seems like it would be good to support them. Most likely its just > that no one has asked for it yet. > > I'd go ahead and create a JIRA, or if you were planning to incorporate > it into the HBase record processors then that sounds good too. > > Thanks, > > Bryan > > On Thu, Jun 29, 2017 at 1:03 PM, Mike Thomsen <mikerthom...@gmail.com> > wrote: > > Are there any plans for implementing HBase security labels? > > > > Thanks, > > > > Mike >