[
https://issues.apache.org/jira/browse/HBASE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15889348#comment-15889348
]
Pan Yuxuan commented on HBASE-17701:
------------------------------------
[~elserj] [~jerryhe]
Thanks for your remind of the JIRA HBASE-5291.
But I don't think they are the same. HBASE-5291 only support kerberos
authentication, but in hadoop-auth, there are some other kinds of
anthentication, such as token.
If HBase uses AuthenticationFilter, HBase will load the
hadoop.http.authentication.* configurations from core-site.xml, in that way,
the HBase ui can be authenticated by the way hadoop does.
> Add HadoopAuthFilterInitializer to use hadoop-auth AuthenticationFilter for
> hbase web ui
> ----------------------------------------------------------------------------------------
>
> Key: HBASE-17701
> URL: https://issues.apache.org/jira/browse/HBASE-17701
> Project: HBase
> Issue Type: Improvement
> Components: UI
> Affects Versions: 1.2.4
> Reporter: Pan Yuxuan
> Attachments: HBASE-17701.v1.patch
>
>
> The HBase web UI is none secure by default, there is only one
> StaticUserWebFilter for a fake user.
> For Hadoop, we already have AuthenticationFilter for web authentication based
> on token or kerberos. So I think hbase can reuse the hadoop-auth
> AuthenticationFilter by adding a HadoopAuthFilterInitializer.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
