[
https://issues.apache.org/jira/browse/HBASE-12231?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14167769#comment-14167769
]
Aditya Kishore commented on HBASE-12231:
----------------------------------------
There are subtle differences between the two authentication mode, one being
HBase RPC authentication other Web authenticator, and same configuration would
exactly not apply by default.
For example the 'kerberos' mode at REST server would require and additional
"HTTP/_HOST@REALM" principal be created and specified. Hence I think these two
must remain decoupled.
> REST gateway authentication should be independent of Hadoop/HBase security
> configuration.
> -----------------------------------------------------------------------------------------
>
> Key: HBASE-12231
> URL: https://issues.apache.org/jira/browse/HBASE-12231
> Project: HBase
> Issue Type: Improvement
> Components: REST
> Affects Versions: 0.98.6.1
> Reporter: Aditya Kishore
> Assignee: Aditya Kishore
> Labels: authentication, security
> Attachments:
> HBASE-12231-REST-gateway-authentication-should-be-in.patch
>
>
> It is reasonable that a user would want to secure the HBase REST interface
> without having to incur the cost of securing the entire HBase/Hadoop
> ecosystem.
> The current implementation does not allow that and needs to be modified.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
