[
https://issues.apache.org/jira/browse/HBASE-14111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14630572#comment-14630572
]
Andrew Purtell commented on HBASE-14111:
----------------------------------------
That's not correct, if you have the AccessController running on the cluster and
ACLs set up, the REST gateway cannot bypass them, it is just another client. I
think you need to provide more detail on your setup.
> Enable HBase ACL in REST operations
> -----------------------------------
>
> Key: HBASE-14111
> URL: https://issues.apache.org/jira/browse/HBASE-14111
> Project: HBase
> Issue Type: Improvement
> Components: REST, security
> Reporter: Roberto Arias-Yacupoma
> Priority: Minor
> Labels: patch, security
>
> Currently for any operations performed by users through REST service, the
> internal HBase ACL is bypassed and users can perform any operation without
> security restrictions (they can view and insert data to any location).
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
