[
https://issues.apache.org/jira/browse/HBASE-6068?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Matteo Bertozzi updated HBASE-6068:
-----------------------------------
Attachment: (was: HBASE-6068-v0.patch)
> Secure HBase cluster : Client not able to call some admin APIs
> --------------------------------------------------------------
>
> Key: HBASE-6068
> URL: https://issues.apache.org/jira/browse/HBASE-6068
> Project: HBase
> Issue Type: Bug
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Anoop Sam John
> Assignee: Matteo Bertozzi
> Attachments: HBASE-6068-v0.patch
>
>
> In case of secure cluster, we allow the HBase clients to read the zk nodes by
> providing the global read permissions to all for certain nodes. These nodes
> are the master address znode, root server znode and the clusterId znode. In
> ZKUtil.createACL() , we can see these node names are specially handled.
> But there are some other client side admin APIs which makes a read call into
> the zookeeper from the client. This include the isTableEnabled() call (May be
> some other. I have seen this). Here the client directly reads a node in the
> zookeeper ( node created for this table ) and the data is matched to know
> whether this is enabled or not.
> Now in secure cluster case any client can read zookeeper nodes which it needs
> for its normal operation like the master address and root server address.
> But what if the client calls this API? [isTableEnaled () ].
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
