Clay B. created HBASE-21591: ------------------------------- Summary: Support ability to have host based permissions Key: HBASE-21591 URL: https://issues.apache.org/jira/browse/HBASE-21591 Project: HBase Issue Type: Improvement Components: security Reporter: Clay B. Assignee: Clay B.
Today, one can put in an ACL rule where a user is not permitted to read data but can insert data (e.g. {{grant 'user', 'table', 'W'}}). However, one can not implement HBase as a "drop-box" for data where by in a secure network, one can read and write data but outside that secure network one can only write data; and I do not believe this is possible with custom access controllers, unless one "wraps" HBase; e.g. with the HBase REST server. I have been pushing for this model (e.g. [Of Data Dropboxes and Data Gloveboxes|https://thestrangeloop.com/2018/of-data-dropboxes-and-data-gloveboxes.html] or [slides|http://clayb.net/presentations/Of%20Data%20Dropboxes%20and%20Data%20Gloveboxes.pdf]) in a number of technologies for some data compartmentalization initiatives. I propose passing the requester's host information through the HBase authentication stack so that the ACL model in HBase can work akin to the SQL semantics of {{user@host}} or {{user@<anywhere>}}.The expected impact would be to HBase private interfaces only, so far in POC'ing it seems the following would be impacted: Access Control Classes/ACL Table Management: * AccessControlUtil * UserPermission * AccessChecker * AccessControlFilter * AccessController * AuthResult * TableAuthManager * AccessControl.proto Co-Processor APIs for Checking Authentication: * CoprocessorHost * ObserverContext * ObserverContextImpl * RSRpcServices * RSGroupAdminEndpoint -- This message was sent by Atlassian JIRA (v7.6.3#76005)