[
https://issues.apache.org/jira/browse/HBASE-14579?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14979374#comment-14979374
]
Gary Helmling commented on HBASE-14579:
---------------------------------------
Does this also happen for users authenticated with authentication tokens
("auth:SIMPLE" instead of "auth:TOKEN" or "auth:DIGEST")? Over in HBASE-14700,
I'm looking at a related change to the audit log for authenticated users.
> Users authenticated with KERBEROS are recorded as being authenticated with
> SIMPLE
> ---------------------------------------------------------------------------------
>
> Key: HBASE-14579
> URL: https://issues.apache.org/jira/browse/HBASE-14579
> Project: HBase
> Issue Type: Bug
> Components: security
> Affects Versions: 1.0.0, 1.2.0, 0.98.15
> Reporter: Nicolas Liochon
> Assignee: Nicolas Liochon
> Priority: Minor
> Fix For: 2.0.0
>
> Attachments: hbase-14579.patch
>
>
> That's the HBase version of HADOOP-10683.
> We see:
> ??hbase.Server (RpcServer.java:saslReadAndProcess(1446)) - Auth successful
> for securedUser/localh...@example.com (auth:SIMPLE)??
> while we would like to see:
> ??hbase.Server (RpcServer.java:saslReadAndProcess(1446)) - Auth successful
> for securedUser/localh...@example.com (auth:KERBEROS)??
> The fix is simple, but it means we need hadoop 2.5+.
> There is also a lot of cases where HBase calls "createUser" w/o specifying
> the authentication method... I don"'t have the solution for these ones.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
