[ https://issues.apache.org/jira/browse/HBASE-20886?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16553746#comment-16553746 ]
Reid Chan commented on HBASE-20886: ----------------------------------- The original thought of this issue comes from description. {quote} There're lots of questions about how to connect to kerberized hbase cluster through hbase client api from user-mail and slack channel. {quote} bq. where we smash some existing credentials in the JVM. If client plans to login 2 identities in one application, no matter this client runs hbase or not, his JVM will have credentials issue. As long as the same identity, from my knowledge, it is just a matter of expired time update, comparing to those long running job with numerous re-login, login one more time at the beginning does no harm. (But i already address this concern from v2, to reuse the login client if it exists) I'll address those comments and upload a new patch, if folks still think it unnecessary(-1) or "too helpful"(-0), i shall leave it. > [Auth] Support keytab login in hbase client > ------------------------------------------- > > Key: HBASE-20886 > URL: https://issues.apache.org/jira/browse/HBASE-20886 > Project: HBase > Issue Type: Improvement > Components: asyncclient, Client, security > Reporter: Reid Chan > Assignee: Reid Chan > Priority: Critical > Attachments: HBASE-20886.master.001.patch, > HBASE-20886.master.002.patch, HBASE-20886.master.003.patch, > HBASE-20886.master.004.patch > > > There're lots of questions about how to connect to kerberized hbase cluster > through hbase-client api from user-mail and slack channel. > {{hbase.client.keytab.file}} and {{hbase.client.keytab.principal}} are > already existed in code base, but they are only used in {{Canary}}. > This issue is to make use of two configs to support client-side keytab based > login, after this issue resolved, hbase-client should directly connect to > kerberized cluster without changing any code as long as > {{hbase.client.keytab.file}} and {{hbase.client.keytab.principal}} are > specified. -- This message was sent by Atlassian JIRA (v7.6.3#76005)