[ https://issues.apache.org/jira/browse/HBASE-24190?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
zhangbuzhang updated HBASE-24190: --------------------------------- Description: In hbase-20586 (https://issues.apache.org/jira/browse/HBASE-20586) (commit_sha: [https://github.com/apache/hbase/commit/cd61bcc0] ) The code added ([SyncTable.java|https://github.com/apache/hbase/commit/cd61bcc0#diff-d1b79635f33483bf6226609e91fd1cc3]) for the use of *hbase.security.authentication* is case-sensitive. So users setting it to “KERBEROS” won’t take effect. !截屏2020-04-14下午7.57.45.png|width=531,height=176! However, in current code base, other uses of *hbase.security.authentication* are all case-insensitive. For example in *MasterFileSystem.java.* public MasterFileSystem(Configuration conf) throws IOException { ... this.isSecurityEnabled = "kerberos".equalsIgnoreCase(conf.get("hbase.security.authentication")); ... } The doc in GitHub repo is also misleading Users may misconfigured the parameter because of the case-senstive problem. *How To Fix* Using *eqaulsIgnoreCase* API consistently in every place when using *hbase.security.authentication* or make it clear in Doc. (Current doc doesn't mention it clearly) was: In hbase-20586 (https://issues.apache.org/jira/browse/HBASE-20586) (commit_sha: [https://github.com/apache/hbase/commit/cd61bcc0] ) The code added ([SyncTable.java|https://github.com/apache/hbase/commit/cd61bcc0#diff-d1b79635f33483bf6226609e91fd1cc3]) for the use of *hbase.security.authentication* is case-sensitive. So users setting it to “KERBEROS” won’t take effect. private void initCredentialsForHBase(String zookeeper, Job job) throws IOException { Configuration peerConf = HBaseConfiguration.createClusterConf(job .getConfiguration(), zookeeper); if(peerConf.get("hbase.security.authentication").equals("kerberos")){ TableMapReduceUtil.initCredentialsForCluster(job, peerConf); } } However, in current code base, other uses of *hbase.security.authentication* are all case-insensitive. For example in *MasterFileSystem.java.* public MasterFileSystem(Configuration conf) throws IOException { ... this.isSecurityEnabled = "kerberos".equalsIgnoreCase(conf.get("hbase.security.authentication")); ... } Users may misconfigured the parameter because of the case-senstive problem. *How To Fix* Using *eqaulsIgnoreCase* API consistently in every place when using *hbase.security.authentication* or make it clear in Doc. (Current doc doesn't mention it clearly) > Case-sensitive use of configuration parameter hbase.security.authentication > --------------------------------------------------------------------------- > > Key: HBASE-24190 > URL: https://issues.apache.org/jira/browse/HBASE-24190 > Project: HBase > Issue Type: Bug > Components: conf > Reporter: zhangbuzhang > Priority: Major > > In hbase-20586 (https://issues.apache.org/jira/browse/HBASE-20586) > (commit_sha: [https://github.com/apache/hbase/commit/cd61bcc0] ) > The code added > ([SyncTable.java|https://github.com/apache/hbase/commit/cd61bcc0#diff-d1b79635f33483bf6226609e91fd1cc3]) > for the use of *hbase.security.authentication* is case-sensitive. So users > setting it to “KERBEROS” won’t take effect. > !截屏2020-04-14下午7.57.45.png|width=531,height=176! > > However, in current code base, other uses of *hbase.security.authentication* > are all case-insensitive. For example in *MasterFileSystem.java.* > public MasterFileSystem(Configuration conf) throws IOException > { ... this.isSecurityEnabled = > "kerberos".equalsIgnoreCase(conf.get("hbase.security.authentication")); ... } > The doc in GitHub repo is also misleading > > Users may misconfigured the parameter because of the case-senstive problem. > *How To Fix* > Using *eqaulsIgnoreCase* API consistently in every place when using > *hbase.security.authentication* or make it clear in Doc. (Current doc doesn't > mention it clearly) -- This message was sent by Atlassian Jira (v8.3.4#803005)