[
https://issues.apache.org/jira/browse/HBASE-11886?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14119389#comment-14119389
]
Devaraj Das commented on HBASE-11886:
-------------------------------------
In HBASE-11275, the code from AccessController#postCreateTable has been moved
to AccessController#postCreateTableHandler. The "owner" is obtained via a call
to {noformat}getActiveUser().getShortName(){noformat}. The owner is
subsequently used to update the ACL table with the permissions..
In the pre-HBASE-11275 case, the call getActiveUser would return the remote
user, whereas in the post-HBASE-11275 case, this would be the user the HBase
daemon is running as...
([~anoop.hbase], agree?)
> The creator of the table should have all permissions on the table
> -----------------------------------------------------------------
>
> Key: HBASE-11886
> URL: https://issues.apache.org/jira/browse/HBASE-11886
> Project: HBase
> Issue Type: Bug
> Affects Versions: 0.98.3
> Reporter: Devaraj Das
> Priority: Critical
> Fix For: 1.0.0, 0.98.6
>
>
> In our testing of 0.98.4 with security ON, we found that table creator
> doesn't have RWXCA on the created table. Instead, the user representing the
> HBase daemon gets all permissions. Due to this the table creator can't write
> to the table he just created. I am suspecting HBASE-11275 introduced the
> problem.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
