[
https://issues.apache.org/jira/browse/HBASE-12916?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14292889#comment-14292889
]
Srikanth Srungarapu commented on HBASE-12916:
---------------------------------------------
nit: In AccessController, is the following code block necessary?
{code}
+ @Override
+ public void
postReplicateLogEntries(ObserverContext<RegionServerCoprocessorEnvironment> ctx,
+ List<WALEntry> entries, CellScanner cells) throws IOException {
+ }
{code}
Also, is the post hook call in testReplicateLogEntries() really needed?
> No access control for replicating WAL entries
> ---------------------------------------------
>
> Key: HBASE-12916
> URL: https://issues.apache.org/jira/browse/HBASE-12916
> Project: HBase
> Issue Type: Bug
> Components: Replication
> Affects Versions: 2.0.0, 0.94.26, 0.98.12
> Reporter: Liu Shaohui
> Assignee: Liu Shaohui
> Attachments: HBASE-12916-v1.diff, HBASE-12916-v2.diff
>
>
> Currently, there is no access control for replicating WAL entries in secure
> HBase cluster. Any authenticated user can write any data they want to any
> table of a secure cluster by using the replication api.
> Simple solution is to add permission check before replicating WAL entries.
> And only user with global write permission can replicate WAL entries to this
> cluster.
> Another option is adding "Replication" action in hbase and only user with
> "Replication" permission can replicate WAL entries to this cluster?
> [~apurtell]
> What's your suggestion? Thanks
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
