[
https://issues.apache.org/jira/browse/HBASE-4791?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13534509#comment-13534509
]
Lars Hofhansl commented on HBASE-4791:
--------------------------------------
I have a hazy understanding about what is going on. What's bad about using
jaas.conf? What's the implication of not backporting?
If you're happy with this being backported and promise it won't break existing
configurations... Let's backport.
> Allow Secure Zookeeper JAAS configuration to be programmatically set (rather
> than only by reading JAAS configuration file)
> --------------------------------------------------------------------------------------------------------------------------
>
> Key: HBASE-4791
> URL: https://issues.apache.org/jira/browse/HBASE-4791
> Project: HBase
> Issue Type: Improvement
> Components: security, Zookeeper
> Reporter: Eugene Koontz
> Assignee: Matteo Bertozzi
> Labels: security, zookeeper
> Fix For: 0.96.0
>
> Attachments: DemoConfig.java, HBASE-4791-v1.patch,
> HBASE-4791-v2.patch, HBASE-4791-v3.patch, HBASE-4791-v4-0.94.patch,
> HBASE-4791-v4.patch, HBASE-4791-v4.patch
>
>
> In the currently proposed fix for HBASE-2418, there must be a JAAS file
> specified in System.setProperty("java.security.auth.login.config").
> However, it might be preferable to construct a JAAS configuration
> programmatically, as is done with secure Hadoop (see
> https://github.com/apache/hadoop-common/blob/a48eceb62c9b5c1a5d71ee2945d9eea2ed62527b/src/java/org/apache/hadoop/security/UserGroupInformation.java#L175).
> This would have the benefit of avoiding a usage of a system property setting,
> and allow instead an HBase-local configuration setting.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
