[
https://issues.apache.org/jira/browse/HBASE-8662?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13688600#comment-13688600
]
Jimmy Xiang commented on HBASE-8662:
------------------------------------
Sure, I can reuse the AuthFilter. I can get the https support related code as
well.
As to proxy users per method, the issue is some security concern. Should we do
the authorization check for each method based on the proxy users? If so, it
may be too expensive. Currently, the proxy user authorization could check the
user's group based on the setting.
> [rest] support impersonation
> ----------------------------
>
> Key: HBASE-8662
> URL: https://issues.apache.org/jira/browse/HBASE-8662
> Project: HBase
> Issue Type: Sub-task
> Components: REST, security
> Reporter: Jimmy Xiang
> Assignee: Jimmy Xiang
> Fix For: 0.98.0
>
> Attachments: method_doas.patch, secure_rest.patch, trunk-8662.patch,
> trunk-8662_v2.patch, trunk-8662_v3.patch
>
>
> Currently, our client API uses a fixed user: the current user. It should
> accept a user passed in, if authenticated.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
