[
https://issues.apache.org/jira/browse/HBASE-2016?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13817750#comment-13817750
]
Gary Helmling commented on HBASE-2016:
--------------------------------------
It would certainly be possible to implement your own proxy, as Andy describes,
which would need its own kerberos credentials and would perform its own
authentication of clients. But that doesn't seem like core HBase
functionality. Instead it's putting a proxy in place in order to circumvent
security.
I think the direction for HBase will be to support pluggable authentication of
clients at the RPC layer, using the same mechanisms under development for
Hadoop, but unfortunately that may be some time away.
> [DAC] Authentication
> --------------------
>
> Key: HBASE-2016
> URL: https://issues.apache.org/jira/browse/HBASE-2016
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Reporter: Andrew Purtell
> Assignee: Gary Helmling
>
> Follow what Hadoop is doing. Authentication via JAAS:
> http://issues.apache.org/jira/browse/HADOOP-6299
>
> http://java.sun.com/javase/6/docs/technotes/guides/security/jaas/JAASRefGuide.html
> Should support Kerberos, Unix, and LDAP authentication options.
> Integrate with authentication mechanisms for IPC and HDFS.
--
This message was sent by Atlassian JIRA
(v6.1#6144)
