Gary Helmling created HBASE-15025:
-------------------------------------
Summary: Allow clients configured with insecure fallback to attempt SIMPLE auth when KRB fails
Key: HBASE-15025
URL: https://issues.apache.org/jira/browse/HBASE-15025
Project: HBase
Issue Type: Improvement
Components: security
Reporter: Gary Helmling
Assignee: Gary Helmling

We have separate configurations for both client and server allowing a
"permissive" mode where connections to insecure servers and clients
(respectively) are allowed. However, if both client and server are configured
for Kerberos authentication for a given cluster, and Kerberos authentication
fails, the connection will still fail if the fallback configurations are set to
true.

If the client is configured to allow insecure fallback, and Kerberos
authentication fails, we could instead have the client retry with SIMPLE auth.
If the server is also configured to allow insecure fallback, this would allow
the connection to succeed in the case of transient problems with Kerberos
infrastructure, for example.

There is of course a danger that this would allow misconfigurations of security
to be silently ignored, but we can add some loud logging on the client side
when fallback to SIMPLE auth occurs, plus we have metrics and logging on the
server side for fallbacks.