I know that there was talk on the Thrift mailing list of a SSL
wrapper for the socket transport. If that exists, and it's in Java,
it would be an easy addition and give you the secure side of things.
As far as authentication: as you're probably aware, at this point, we
don't really have any access control in HBase at all. So, for the
moment, if you need some sort of authentication, you're going to have
to do something above HBase. The simplest thing I can think of would
be to use firewall rules to allow traffic only from your other
systems - that is, wherever your PHP and Python scripts might be
running. It's not a perfect solution, but I think it's the best you
can get quickly.
-Bryan
On May 13, 2008, at 8:13 AM, Jim R. Wilson wrote:
Hi all,
For our project we're using Hbase's Thrift service for communication
between hbase and our web application (PHP) and maintenance scripts
(Python). I've got an hbase cluster setup in EC2, but I'm drawing a
blank on how to do the communication in a secure, authenticated way.
Does anyone have any ideas? Is there already a plugin or service I
can just lay on top of my existing hbase setup?
Thanks in advance for any help.
-- Jim R. Wilson (jimbojw)
