[
https://issues.apache.org/jira/browse/HBASE-9706?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Eric Yang updated HBASE-9706:
-----------------------------
Description: HBase client code assumes ZooKeeper is secured, as long as
there is a java.security.auth.login.config property being set. When HBase
client is embedded in other java program with other security configuration, it
can produce wrong assumption that ZooKeeper is secured. Ideally,
isSecureZooKeeper method should detect Jaas configuration specifically for
ZooKeeper to ensure that client program doesn't have a false positive
detection. (was: HBase client code assumes ZooKeeper is secured, as long as
there is a java.security.auth.login.config property being set. When HBase
client is embedded in other java program with other security configuration, it
can produce wrong assumption that ZooKeeper is secured. Ideally,
isSecureZooKeeper method should detect Jaas configuration specifically for
ZooKeeper to ensure that client program don't have a false positive detection.)
> Improve detection of secure ZooKeeper
> -------------------------------------
>
> Key: HBASE-9706
> URL: https://issues.apache.org/jira/browse/HBASE-9706
> Project: HBase
> Issue Type: Bug
> Components: Client
> Affects Versions: 0.94.4, 0.95.0
> Environment: Java 6, RHEL, HBase 0.94.9
> Reporter: Eric Yang
>
> HBase client code assumes ZooKeeper is secured, as long as there is a
> java.security.auth.login.config property being set. When HBase client is
> embedded in other java program with other security configuration, it can
> produce wrong assumption that ZooKeeper is secured. Ideally,
> isSecureZooKeeper method should detect Jaas configuration specifically for
> ZooKeeper to ensure that client program doesn't have a false positive
> detection.
--
This message was sent by Atlassian JIRA
(v6.1#6144)
