Implement token based DIGEST-MD5 authentication for MapReduce tasks
-------------------------------------------------------------------
Key: HBASE-3615
URL: https://issues.apache.org/jira/browse/HBASE-3615
Project: HBase
Issue Type: New Feature
Components: ipc, security
Reporter: Gary Helmling
HBase security currently supports Kerberos authentication for clients, but this
isn't sufficient for map-reduce interoperability, where tasks execute without
Kerberos credentials. In order to fully interoperate with map-reduce clients,
we will need to provide our own token authentication mechanism, mirroring the
Hadoop token authentication mechanisms. This will require obtaining an HBase
authentication token for the user when the job is submitted, serializing it to
a secure location, and then, at task execution, having the client or task code
de-serialize the stored authentication token and use that in the HBase client
authentication process.
A detailed implementation proposal is sketched out on the wiki:
http://wiki.apache.org/hadoop/Hbase/HBaseTokenAuthentication
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
