[jira] [Commented] (HBASE-14700) Support a "permissive" mode for secure clusters to allow "simple" auth clients

Sat, 31 Oct 2015 01:01:10 -0700 

    [ 
https://issues.apache.org/jira/browse/HBASE-14700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14983894#comment-14983894
 ] 

Hudson commented on HBASE-14700:
--------------------------------

FAILURE: Integrated in HBase-Trunk_matrix #416 (See 
[https://builds.apache.org/job/HBase-Trunk_matrix/416/])
HBASE-14700 Support a permissive mode for secure clusters to allow (garyh: rev 
683f84e6a217dfd872e5f1be82c7aa4cdf232ec1)
* hbase-common/src/main/resources/hbase-default.xml
* hbase-server/src/main/java/org/apache/hadoop/hbase/ipc/MetricsHBaseServer.java
* hbase-server/src/test/java/org/apache/hadoop/hbase/security/TestSecureRPC.java
* 
hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/RSRpcServices.java
* 
hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/HRegionServer.java
* 
hbase-hadoop-compat/src/main/java/org/apache/hadoop/hbase/ipc/MetricsHBaseServerSource.java
* hbase-server/src/main/java/org/apache/hadoop/hbase/ipc/RpcServer.java
* 
hbase-hadoop2-compat/src/main/java/org/apache/hadoop/hbase/ipc/MetricsHBaseServerSourceImpl.java


> Support a "permissive" mode for secure clusters to allow "simple" auth clients
> ------------------------------------------------------------------------------
>
>                 Key: HBASE-14700
>                 URL: https://issues.apache.org/jira/browse/HBASE-14700
>             Project: HBase
>          Issue Type: Improvement
>          Components: security
>            Reporter: Gary Helmling
>            Assignee: Gary Helmling
>             Fix For: 2.0.0, 1.2.0, 0.98.16
>
>         Attachments: HBASE-14700-v2.patch, HBASE-14700-v3.patch, 
> HBASE-14700.patch
>
>
> When implementing HBase security for an existing cluster, it can be useful to 
> support mixed secure and insecure clients while all client configurations are 
> migrated over to secure authentication.  
> We currently have an option to allow secure clients to fallback to simple 
> auth against insecure clusters.  By providing an analogous setting for 
> servers, we would allow a phased rollout of security:
> # First, security can be enabled on the cluster servers, with the 
> "permissive" mode enabled
> # Clients can be converting to using secure authentication incrementally
> # The server audit logs allow identification of clients still using simple 
> auth to connect
> # Finally, when sufficient clients have been converted to secure operation, 
> the server-side "permissive" mode can be removed, allowing completely secure 
> operation.
> Obviously with this enabled, there is no effective access control, but this 
> would still be a useful tool to enable a smooth operational rollout of 
> security.  Permissive mode would of course be disabled by default.  Enabling 
> it should provide a big scary warning in the logs on startup, and possibly be 
> flagged on relevant UIs.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to