[
https://issues.apache.org/jira/browse/HBASE-14122?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14652796#comment-14652796
]
Jerry He commented on HBASE-14122:
----------------------------------
Looks good overall.
We have AccessControlClient and VisibilityClient, which all go directly to the
co-processor security endpoints. If calls are made while the security endpoints
were not installed, they will get exception like:
org.apache.hadoop.hbase.exceptions.UnknownProtocolException: No registered
coprocessor service found for name ...
On the shell side, the security commands (grant, revoke) will error out based
on the non-existence of 'hbase:acl' table: DISABLED: Security features are not
available
The visibility command will error out based on the non-existence of
'hbase:labels' table: DISABLED: Visibility labels feature is not available
Should all these be refactored to use the new master API for checking security
support?
> Client API for determining if server side supports cell level security
> ----------------------------------------------------------------------
>
> Key: HBASE-14122
> URL: https://issues.apache.org/jira/browse/HBASE-14122
> Project: HBase
> Issue Type: Improvement
> Reporter: Andrew Purtell
> Assignee: Andrew Purtell
> Priority: Minor
> Fix For: 2.0.0, 0.98.14, 1.2.0, 1.3.0
>
> Attachments: HBASE-14122-0.98.patch, HBASE-14122-branch-1.patch,
> HBASE-14122.patch, HBASE-14122.patch
>
>
> Add a client API for determining if the server side supports cell level
> security.
> Ask the master, assuming as we do in many other instances that the master and
> regionservers all have a consistent view of site configuration.
> Return {{true}} if all features required for cell level security are present,
> {{false}} otherwise, or throw {{UnsupportedOperationException}} if the master
> does not have support for the RPC call.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
