[ https://issues.apache.org/jira/browse/HBASE-3615?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gary Helmling resolved HBASE-3615. ---------------------------------- Resolution: Fixed Fix Version/s: 0.92.0 Since tokens are one of the possible authentication methods during RPC, this was included as part of the change for HBASE-2742. > Implement token based DIGEST-MD5 authentication for MapReduce tasks > ------------------------------------------------------------------- > > Key: HBASE-3615 > URL: https://issues.apache.org/jira/browse/HBASE-3615 > Project: HBase > Issue Type: New Feature > Components: ipc, security > Reporter: Gary Helmling > Assignee: Gary Helmling > Fix For: 0.92.0 > > Attachments: HBASE-3615.patch > > > HBase security currently supports Kerberos authentication for clients, but > this isn't sufficient for map-reduce interoperability, where tasks execute > without Kerberos credentials. In order to fully interoperate with map-reduce > clients, we will need to provide our own token authentication mechanism, > mirroring the Hadoop token authentication mechanisms. This will require > obtaining an HBase authentication token for the user when the job is > submitted, serializing it to a secure location, and then, at task execution, > having the client or task code de-serialize the stored authentication token > and use that in the HBase client authentication process. > A detailed implementation proposal is sketched out on the wiki: > http://wiki.apache.org/hadoop/Hbase/HBaseTokenAuthentication -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira