[
https://issues.apache.org/jira/browse/HBASE-9866?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13813365#comment-13813365
]
Devaraj Das commented on HBASE-9866:
------------------------------------
Definitely, we need to be careful about configuring things with the potential
security holes in mind. Also, one can choose to disable this by not configuring
the proxy user settings for the REST server. Right?
> Support the mode where REST server authorizes proxy users
> ---------------------------------------------------------
>
> Key: HBASE-9866
> URL: https://issues.apache.org/jira/browse/HBASE-9866
> Project: HBase
> Issue Type: Improvement
> Reporter: Devaraj Das
> Assignee: Devaraj Das
> Fix For: 0.96.1
>
> Attachments: 9866-1.txt
>
>
> In one use case, someone was trying to authorize with the REST server as a
> proxy user. That mode is not supported today.
> The curl request would be something like (assuming SPNEGO auth) -
> {noformat}
> curl -i --negotiate -u : http://<HOST>:<PORT>/version/cluster?doas=<USER>
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.1#6144)
