[
https://issues.apache.org/jira/browse/HBASE-23312?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16982170#comment-16982170
]
Karthik Palanisamy commented on HBASE-23312:
--------------------------------------------
[~elserj] [~krisden]
Just curious. going forward, do we really depend on Hadoop utils
org.apache.hadoop.security.SecurityUtil? Can we use HBase util
org.apache.hadoop.hbase.security.SecurityUtil instead? but yeah we need to
introduce same function something similar
[ref|[https://github.com/karthikhw/hbase/blob/HBASE-23343/hbase-server/src/main/java/org/apache/hadoop/hbase/security/SecurityUtil.java#L54]]
> HBase Thrift SPNEGO configs (HBASE-19852) should be backwards compatible
> ------------------------------------------------------------------------
>
> Key: HBASE-23312
> URL: https://issues.apache.org/jira/browse/HBASE-23312
> Project: HBase
> Issue Type: Bug
> Components: Thrift
> Affects Versions: 3.0.0, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.5, 2.1.6, 2.1.7,
> 2.1.8
> Reporter: Kevin Risden
> Assignee: Kevin Risden
> Priority: Major
> Fix For: 3.0.0, 2.3.0, 2.2.3
>
> Attachments: HBASE-23312.master.001.patch
>
>
> HBASE-19852 is not backwards compatible since it now requires the SPNEGO
> thrift configs. I haven't seen anything in Apache HBase about changing this
> so that the older configs still work with a merged keytab. (fall back to the
> non SPNEGO specific principal/keytab configs)
> I wrote the original patch in HBASE-19852 and with hindsight being 20/20, I
> think this section of could be extended to fall back to not requiring the
> additional configs.
> https://github.com/apache/hbase/blame/master/hbase-thrift/src/main/java/org/apache/hadoop/hbase/thrift/ThriftHttpServlet.java#L78
> Supporting the older configs allows upgrade from HBase 1.x to 2.x without
> needing to change the configs ahead of time. I'll make sure to log a
> deprecation warning if the older configs are used.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
