[
https://issues.apache.org/jira/browse/HBASE-8660?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13673300#comment-13673300
]
Jimmy Xiang commented on HBASE-8660:
------------------------------------
Very good points. HTTPS will add overhead for sure. Fortunately, it is
optional, and SPNEGO/Kerbos doesn't require HTTPS. So HTTPS can be enabled
only if it is absolutely needed.
> [rest] support secure REST access
> ---------------------------------
>
> Key: HBASE-8660
> URL: https://issues.apache.org/jira/browse/HBASE-8660
> Project: HBase
> Issue Type: Improvement
> Components: REST, security
> Reporter: Jimmy Xiang
>
> REST interface is accessed over http, which is most likely done from outside
> of a HBase cluster, perhaps over internet. It will be great if we can make
> it secure. To be secure, we need to:
> 1. authenticate the caller,
> 2. check authorization if needed,
> 3. make the connection secure (https)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
