[jira] Updated: (HBASE-2257) [stargate] multiuser mode

Tue, 23 Feb 2010 22:39:51 -0800 

     [ 
https://issues.apache.org/jira/browse/HBASE-2257?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Andrew Purtell updated HBASE-2257:
----------------------------------

    Attachment: HBASE-2257.patch

Attached patch provides an alternate operating mode, which can be optionally 
enabled, that provides some simple user isolation. When enabled, access tokens 
must be added as the first element to the path. 

An access token is a 32 character hexadecimal string. They can be generated 
using any method but typically one would use MD5 to hash the username with 
salt. 

For example, where before a value may be accessed as:

{{/someTable/someRow/someColumn:qualifier}}

with multiuser mode enabled, it would be:

{{/d41d8cd98f00b204e9800998ecf8427e/someTable/someRow/someColumn:qualifier}}

Access tokens map to user accounts. This mapping is done by pluggable 
_authenticators_. Three authenticators are provided which support defining user 
accounts via 1) hbase-site.xml, 2) entries in a HBase table, or 3) entries in 
any data source with a JDBC driver, respectively. User accounts can have 
administrative privilege. They can also be temporarily disabled. 

If a user account has administrative privilege, table names given in the path 
are not modified. 

If a user account does not have administrative privilege, the typical case, 
then table names given in the path or in submitted data is transparently 
rewritten from {{<table>}} to {{<user-name> + "." + <table>}}, and vice versa. 
In this way each user has the illusion of a private namespace and one user 
cannot access the tables of another. 

> [stargate] multiuser mode
> -------------------------
>
>                 Key: HBASE-2257
>                 URL: https://issues.apache.org/jira/browse/HBASE-2257
>             Project: Hadoop HBase
>          Issue Type: Improvement
>            Reporter: Andrew Purtell
>            Assignee: Andrew Purtell
>             Fix For: 0.20.4
>
>         Attachments: HBASE-2257.patch
>
>
> Support an optional operating mode with simple user isolation.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to