[ https://issues.apache.org/jira/browse/HBASE-3615?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andrew Purtell updated HBASE-3615: ---------------------------------- Fix Version/s: 0.92.0 Assignee: Gary Helmling Bringing into 0.92. > Implement token based DIGEST-MD5 authentication for MapReduce tasks > ------------------------------------------------------------------- > > Key: HBASE-3615 > URL: https://issues.apache.org/jira/browse/HBASE-3615 > Project: HBase > Issue Type: New Feature > Components: ipc, security > Reporter: Gary Helmling > Assignee: Gary Helmling > Fix For: 0.92.0 > > > HBase security currently supports Kerberos authentication for clients, but > this isn't sufficient for map-reduce interoperability, where tasks execute > without Kerberos credentials. In order to fully interoperate with map-reduce > clients, we will need to provide our own token authentication mechanism, > mirroring the Hadoop token authentication mechanisms. This will require > obtaining an HBase authentication token for the user when the job is > submitted, serializing it to a secure location, and then, at task execution, > having the client or task code de-serialize the stored authentication token > and use that in the HBase client authentication process. > A detailed implementation proposal is sketched out on the wiki: > http://wiki.apache.org/hadoop/Hbase/HBaseTokenAuthentication -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira