[
https://issues.apache.org/jira/browse/HBASE-3615?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andrew Purtell updated HBASE-3615:
----------------------------------
Fix Version/s: 0.92.0
Assignee: Gary Helmling
Bringing into 0.92.
> Implement token based DIGEST-MD5 authentication for MapReduce tasks
> -------------------------------------------------------------------
>
> Key: HBASE-3615
> URL: https://issues.apache.org/jira/browse/HBASE-3615
> Project: HBase
> Issue Type: New Feature
> Components: ipc, security
> Reporter: Gary Helmling
> Assignee: Gary Helmling
> Fix For: 0.92.0
>
>
> HBase security currently supports Kerberos authentication for clients, but
> this isn't sufficient for map-reduce interoperability, where tasks execute
> without Kerberos credentials. In order to fully interoperate with map-reduce
> clients, we will need to provide our own token authentication mechanism,
> mirroring the Hadoop token authentication mechanisms. This will require
> obtaining an HBase authentication token for the user when the job is
> submitted, serializing it to a secure location, and then, at task execution,
> having the client or task code de-serialize the stored authentication token
> and use that in the HBase client authentication process.
> A detailed implementation proposal is sketched out on the wiki:
> http://wiki.apache.org/hadoop/Hbase/HBaseTokenAuthentication
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
