joshelser commented on issue #936: HBASE-17115 Define UI admins via an ACL URL: https://github.com/apache/hbase/pull/936#issuecomment-565191500 Testing I've done: * New unit tests * Explicit admin user defined in configuration (`hbase.security.authentication.spnego.admin.users`) * `curl` with both the admin and a non-admin * The above along with `hbase.master.ui.readonly=true` as well. If admins are set, that will limit who can interact with sensitive endpoints. Setting readonly=true will further restrict the system and disallow anyone (including admins) from modifying hbase via the UI. I think this maintains all of the previous semantics folks would expect, while letting the security-conscious lock things down.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services