[
https://issues.apache.org/jira/browse/HBASE-28501?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Istvan Toth updated HBASE-28501:
Description:
The current java client only supports the SPENGO authentication method.
This does not support the case when an application proxy like Apache Knox
performs AAA conversion from BASIC/DIGEST to kerberos authentication.
Add support for BASIC username/password auth the client.
Generally, the authentication code in the client looks quite backwards, it
seems that most of the kerberos / auth cookie code duplicates HttpClient
functionality. AFAICT setting HttpClient up (or letting user set it up) , and
letting it handle authentication by itself would be a better and more generic
solution.
-Also add support for specifying a prefix for the URL path.-
was:
The current java client only supports the SPENGO authentication method.
This does not support the case when an application proxy like Apache Knox
performs AAA conversion from BASIC/DIGEST to kerberos authentication.
Add support for BASIC username/password auth the client.
Generally, the authentication code in the client looks quite backwards, it
seems that most of the kerberos / auth cookie code duplicates HttpClient
functionality. AFAICT setting HttpClient up (or letting user set it up) , and
letting it handle authentication by itself would be a better and more generic
solution.
Also add support for specifying a prefix for the URL path.
> Support non-SPNEGO authentication methods in REST java client library
> -
>
> Key: HBASE-28501
> URL: https://issues.apache.org/jira/browse/HBASE-28501
> Project: HBase
> Issue Type: Improvement
> Components: REST
>Reporter: Istvan Toth
>Priority: Major
>
> The current java client only supports the SPENGO authentication method.
> This does not support the case when an application proxy like Apache Knox
> performs AAA conversion from BASIC/DIGEST to kerberos authentication.
> Add support for BASIC username/password auth the client.
> Generally, the authentication code in the client looks quite backwards, it
> seems that most of the kerberos / auth cookie code duplicates HttpClient
> functionality. AFAICT setting HttpClient up (or letting user set it up) , and
> letting it handle authentication by itself would be a better and more generic
> solution.
> -Also add support for specifying a prefix for the URL path.-
--
This message was sent by Atlassian Jira
(v8.20.10#820010)