[ https://issues.apache.org/jira/browse/HBASE-16700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15713677#comment-15713677 ]
Enis Soztutar commented on HBASE-16700: --------------------------------------- Thanks Clay for the updated patches. Looks pretty good to commit. Just some last items: - We should remove this (assuming that you added that for debugging): {code} + static { + Logger.getLogger(CoprocessorWhitelistMasterObserver.class).setLevel(Level.TRACE); + Logger.getLogger("org.apache.hbase.server").setLevel(Level.TRACE); + } {code} - Can you please refactor var names like {{coproc_path}} to camelCase. - Did you want to enable this test? {code} +// @Test + @Category(MediumTests.class) + public void testCreationClasspathCoprocessor() throws Exception { {code} - great doc! > Allow for coprocessor whitelisting > ---------------------------------- > > Key: HBASE-16700 > URL: https://issues.apache.org/jira/browse/HBASE-16700 > Project: HBase > Issue Type: Improvement > Components: Coprocessors > Reporter: Clay B. > Priority: Minor > Labels: security > Attachments: HBASE-16700.000.patch, HBASE-16700.001.patch, > HBASE-16700.002.patch, HBASE-16700.003.patch, HBASE-16700.004.patch, > HBASE-16700.005.patch, HBASE-16700.006.patch, HBASE-16700.007.patch > > > Today one can turn off all non-system coprocessors with > {{hbase.coprocessor.user.enabled}} however, this disables very useful things > like Apache Phoenix's coprocessors. Some tenants of a multi-user HBase may > also need to run bespoke coprocessors. But as an operator I would not want > wanton coprocessor usage. Ideally, one could do one of two things: > * Allow coprocessors defined in {{hbase-site.xml}} -- this can only be > administratively changed in most cases > * Allow coprocessors from table descriptors but only if the coprocessor is > whitelisted -- This message was sent by Atlassian JIRA (v6.3.4#6332)