[
https://issues.apache.org/jira/browse/HBASE-5343?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13202081#comment-13202081
]
Gary Helmling commented on HBASE-5343:
--------------------------------------
Adding coprocessor specific methods to {{HBaseAdmin}} completely undermines the
purpose of coprocessors as optionally enabled extensions, and fails to scale as
features are added. Having {{HBaseAdmin}} be a jumble of methods related to
specific coprocessors is not very user friendly either.
Security usage requires that {{SecureRpcEngine}} be loaded and that
{{AccessController}} be enabled. Yes, configuring these components is more
complicated than it needs to be right now. But providing interfaces to these
two optional components as a permanent part of the client-facing API presented
by {{HBaseAdmin}} is not the solution.
If {{AccessControllerProtocol}} is too difficult to work with, then I think we
would be better off with a simple client helper, like a {{SecurityClient}}
class similar to the {{Constraints}} helper that was implemented for the
constraints coprocessor.
> Access control API in HBaseAdmin.java
> ---------------------------------------
>
> Key: HBASE-5343
> URL: https://issues.apache.org/jira/browse/HBASE-5343
> Project: HBase
> Issue Type: Improvement
> Components: client, coprocessors, security
> Affects Versions: 0.94.0, 0.92.1
> Reporter: Enis Soztutar
> Assignee: Enis Soztutar
>
> To use the access control mechanism added in HBASE-3025, users should either
> use the shell interface, or use the coprocessor API directly, which is not
> very user friendly. We can add grant/revoke/user_permission commands similar
> to the shell interface to HBaseAdmin assuming HBASE-5341 is in.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
