Apekshit Sharma created HBASE-14400:
---------------------------------------
Summary: Fix HBase RPC protection
Key: HBASE-14400
URL: https://issues.apache.org/jira/browse/HBASE-14400
Project: HBase
Issue Type: Bug
Components: encryption, rpc, security
Reporter: Apekshit Sharma
Assignee: Apekshit Sharma
Priority: Critical
HBase configuration 'hbase.rpc.protection' can be set to 'authentication',
'integrity' or 'privacy'.
"authentication means authentication only and no integrity or privacy;
integrity implies
authentication and integrity are enabled; and privacy implies all of
authentication, integrity and privacy are enabled."
However hbase ref guide incorrectly suggests in some places to set the value to
'auth-conf' instead of 'privacy'. Setting value to 'auth-conf' doesn't provide
rpc encryption which is what user wants.
This jira will fix:
- documentation: change 'auth-conf' references to 'privacy'
- SaslUtil to support both set of values (privacy/integrity/authentication and
auth-conf/auth-int/auth) to be backward compatible with what was being
suggested till now.
- change 'hbase.thrift.security.qop' to be consistent with other similar
configurations by using same set of values (privacy/integrity/authentication).
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
