[ https://issues.apache.org/jira/browse/HBASE-17513?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16297803#comment-16297803 ]
Reid Chan commented on HBASE-17513:
-----------------------------------

Thank you [~tedyu]. Hi [~busbey], would you mind taking some time to have a look.

> Thrift Server 1 uses different QOP settings than RPC and Thrift Server 2 and
> can easily be misconfigured so there is no encryption when the operator
> expects it.
> ----------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: HBASE-17513
>                 URL: https://issues.apache.org/jira/browse/HBASE-17513
>             Project: HBase
>          Issue Type: Bug
>          Components: documentation, security, Thrift, Usability
>    Affects Versions: 2.0.0, 1.2.0, 1.3.0, 0.98.15, 1.0.3, 1.1.3
>            Reporter: Sean Busbey
>            Assignee: Reid Chan
>            Priority: Critical
>             Fix For: 2.0.0, 1.3.2, 1.4.1, 1.2.8
>
>         Attachments: HBASE-17513.branch-1.001.patch,
> HBASE-17513.master.001.patch, HBASE-17513.master.002.patch
>
>
> As of HBASE-14400 the setting {{hbase.thrift.security.qop}} was unified to
> behave the same as the general HBase RPC protection. However, this only
> happened for the Thrift2 server. The Thrift server found in the thrift
> package (aka Thrift Server 1) still hard-codes the old configs of 'auth',
> 'auth-int', and 'auth-conf'.
> Additionally, these Quality of Protection (qop) settings are used only by the
> SASL transport. If a user configures the HBase Thrift Server to make use of
> the HTTP transport (to enable doAs proxying e.g. for Hue) then a QOP setting
> of 'privacy' or 'auth-conf' won't get them encryption as expected.
> We should
> 1) update {{hbase-thrift/src/main/.../thrift/ThriftServerRunner}} to rely on
> {{SaslUtil}} to use the same 'authentication', 'integrity', 'privacy' configs
> in a backward compatible way
> 2) also have ThriftServerRunner warn when both {{hbase.thrift.security.qop}}
> and {{hbase.regionserver.thrift.http}} are set, since the latter will cause
> the former to be ignored.
> (users should be directed to
> {{hbase.thrift.ssl.enabled}} and related configs to ensure their transport is
> encrypted when using the HTTP transport.)

--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
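The two checks the description asks for in items 1) and 2), as an added example that is not HBase project code: it maps the legacy Thrift Server 1 values onto the SaslUtil names and warns when the HTTP transport makes the QOP setting moot. The property names are the ones quoted in the issue; the hbase-site.xml snippet is constructed sample input and the function names are my own.

```python
# Added example (not HBase code): validate Thrift server QOP settings as the issue proposes.
import xml.etree.ElementTree as ET

# Legacy Thrift Server 1 values mapped onto the SaslUtil names that HBase RPC
# and Thrift2 already use (the backward compatible mapping item 1 asks for).
LEGACY_QOP = {"auth": "authentication", "auth-int": "integrity", "auth-conf": "privacy"}
VALID_QOP = set(LEGACY_QOP.values())

QOP_KEY = "hbase.thrift.security.qop"
HTTP_KEY = "hbase.regionserver.thrift.http"
SSL_KEY = "hbase.thrift.ssl.enabled"

def load_hbase_site(xml_text):
    """Parse hbase-site.xml style <property><name/><value/></property> pairs into a dict."""
    root = ET.fromstring(xml_text)
    return {p.findtext("name").strip(): (p.findtext("value") or "").strip()
            for p in root.iter("property")}

def normalize_qop(value):
    """Accept old or new spellings; reject anything else so a typo cannot silently weaken QOP."""
    v = value.strip().lower()
    v = LEGACY_QOP.get(v, v)
    if v not in VALID_QOP:
        raise ValueError(f"unsupported {QOP_KEY} value: {value!r}")
    return v

def check_thrift_qop(conf):
    """Return (effective_qop, warnings) for a parsed configuration map (item 2 of the issue)."""
    warnings = []
    qop = normalize_qop(conf[QOP_KEY]) if QOP_KEY in conf else None
    http = conf.get(HTTP_KEY, "false").lower() == "true"
    ssl = conf.get(SSL_KEY, "false").lower() == "true"
    if qop and http:
        # SASL QOP only protects the SASL transport; over HTTP it is ignored.
        warnings.append(f"{QOP_KEY}={qop} is ignored because {HTTP_KEY}=true")
        if qop == "privacy" and not ssl:
            warnings.append(f"encryption expected but {SSL_KEY} is not true; "
                            "HTTP transport will be cleartext")
        qop = None
    return qop, warnings

SAMPLE_SITE = """<configuration>
  <property><name>hbase.thrift.security.qop</name><value>auth-conf</value></property>
  <property><name>hbase.regionserver.thrift.http</name><value>true</value></property>
</configuration>"""  # constructed: the misconfiguration the issue describes

if __name__ == "__main__":
    for w in check_thrift_qop(load_hbase_site(SAMPLE_SITE))[1]:
        print("WARN:", w)
```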