[ https://issues.apache.org/jira/browse/HBASE-10863?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ted Yu updated HBASE-10863: --------------------------- Attachment: 10863-v2.txt Patch v2 adopts review comments and was verified to work in a secure deployment. > Scan doesn't return rows for user who has authorization by visibility label > --------------------------------------------------------------------------- > > Key: HBASE-10863 > URL: https://issues.apache.org/jira/browse/HBASE-10863 > Project: HBase > Issue Type: Bug > Components: security > Affects Versions: 0.98.0 > Reporter: Ted Yu > Assignee: Ted Yu > Fix For: 0.98.1, 0.99.0 > > Attachments: 10863-v1.txt, 10863-v2.txt > > > *In secure deployment* of 0.98 tip, I did: > as user hbase: > {code} > add_labels 'A' > create 'tb', 'f1' > put 'tb', 'row', 'f1:q', 'v1', {VISIBILITY=>'A'} > set_auths 'oozie', ['A'] > {code} > as user oozie: > {code} > hbase(main):001:0> scan 'tb', { AUTHORIZATIONS => ['A']} > ROW COLUMN+CELL > 0 row(s) in 0.1030 seconds > {code} > Here is my config: > {code} > <property> > <name>hfile.format.version</name> > <value>3</value> > </property> > <property> > <name>hbase.coprocessor.master.classes</name> > > <value>org.apache.hadoop.hbase.security.visibility.VisibilityController</value> > </property> > <property> > <name>hbase.coprocessor.region.classes</name> > > <value>org.apache.hadoop.hbase.security.visibility.VisibilityController</value> > </property> > <property> > <name>hbase.regionserver.scan.visibility.label.generator.class</name> > > <value>org.apache.hadoop.hbase.security.visibility.DefaultScanLabelGenerator</value> > </property> > {code} -- This message was sent by Atlassian JIRA (v6.2#6252)