[jira] [Updated] (HBASE-15145) HBCK and Replication should authenticate to zookepeer using server principal

Enis Soztutar (JIRA) Wed, 20 Jan 2016 17:55:54 -0800

     [ 
https://issues.apache.org/jira/browse/HBASE-15145?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Enis Soztutar updated HBASE-15145:
----------------------------------
    Attachment: hbase-15145_v2.patch

v2 patch fixes the problem for shell as well as zkcli (or any other hbase 
command). 

> HBCK and Replication should authenticate to zookepeer using server principal
> ----------------------------------------------------------------------------
>
>                 Key: HBASE-15145
>                 URL: https://issues.apache.org/jira/browse/HBASE-15145
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Enis Soztutar
>            Assignee: Enis Soztutar
>             Fix For: 2.0.0, 1.2.0, 1.3.0, 1.1.4
>
>         Attachments: hbase-15145_v1.patch, hbase-15145_v2.patch
>
>
> In secure clusters, we protect znodes with the server principal in zk. 
> However, if a user wants to add a replication peer or run HBCK, then she will 
> get Auth exception. This was not a problem due to an earlier bug. 
> For replication, the long term fix is HBASE-11392. However, we should still 
> have a way to launch zkcli with the server principals for manual inspection / 
> manipulation. 
> HBCK should always assume the server principals. 
> Thanks [~Koelli] for reporting this. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (HBASE-15145) HBCK and Replication should authenticate to zookepeer using server principal

Reply via email to