Clay B. created HBASE-21591:
-------------------------------
Summary: Support ability to have host based permissions
Key: HBASE-21591
URL: https://issues.apache.org/jira/browse/HBASE-21591
Project: HBase
Issue Type: Improvement
Components: security
Reporter: Clay B.
Assignee: Clay B.
Today, one can put in an ACL rule where a user is not permitted to read data
but can insert data (e.g. {{grant 'user', 'table', 'W'}}). However, one can not
implement HBase as a "drop-box" for data where by in a secure network, one can
read and write data but outside that secure network one can only write data;
and I do not believe this is possible with custom access controllers, unless
one "wraps" HBase; e.g. with the HBase REST server.
I have been pushing for this model (e.g. [Of Data Dropboxes and Data
Gloveboxes|https://thestrangeloop.com/2018/of-data-dropboxes-and-data-gloveboxes.html]
or
[slides|http://clayb.net/presentations/Of%20Data%20Dropboxes%20and%20Data%20Gloveboxes.pdf])
in a number of technologies for some data compartmentalization initiatives.
I propose passing the requester's host information through the HBase
authentication stack so that the ACL model in HBase can work akin to the SQL
semantics of {{user@host}} or {{user@<anywhere>}}.The expected impact would be
to HBase private interfaces only, so far in POC'ing it seems the following
would be impacted:
Access Control Classes/ACL Table Management:
* AccessControlUtil
* UserPermission
* AccessChecker
* AccessControlFilter
* AccessController
* AuthResult
* TableAuthManager
* AccessControl.proto
Co-Processor APIs for Checking Authentication:
* CoprocessorHost
* ObserverContext
* ObserverContextImpl
* RSRpcServices
* RSGroupAdminEndpoint
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
