[jira] [Commented] (HBASE-6068) Secure HBase cluster : Client not able to call some admin APIs

Fri, 01 Jun 2012 01:09:36 -0700 

    [ 
https://issues.apache.org/jira/browse/HBASE-6068?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13287246#comment-13287246
 ] 

Hudson commented on HBASE-6068:
-------------------------------

Integrated in HBase-0.92-security #109 (See 
[https://builds.apache.org/job/HBase-0.92-security/109/])
    HBASE-6068 Secure HBase cluster : Client not able to call some admin APIs 
(Revision 1344471)

     Result = SUCCESS
stack : 
Files : 
* /hbase/branches/0.92/CHANGES.txt
* 
/hbase/branches/0.92/src/main/java/org/apache/hadoop/hbase/zookeeper/ZKUtil.java

                
> Secure HBase cluster : Client not able to call some admin APIs
> --------------------------------------------------------------
>
>                 Key: HBASE-6068
>                 URL: https://issues.apache.org/jira/browse/HBASE-6068
>             Project: HBase
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 0.92.1, 0.94.0, 0.96.0
>            Reporter: Anoop Sam John
>            Assignee: Matteo Bertozzi
>             Fix For: 0.92.2, 0.94.1
>
>         Attachments: HBASE-6068-0.92.patch, HBASE-6068-v0.patch, 
> HBASE-6068-v1.patch, HBASE-6068-v2.patch, HBASE-6068-v3.patch
>
>
> In case of secure cluster, we allow the HBase clients to read the zk nodes by 
> providing the global read permissions to all for certain nodes. These nodes 
> are the master address znode, root server znode and the clusterId znode. In 
> ZKUtil.createACL() , we can see these node names are specially handled.
> But there are some other client side admin APIs which makes a read call into 
> the zookeeper from the client. This include the isTableEnabled() call (May be 
> some other. I have seen this).  Here the client directly reads a node in the 
> zookeeper ( node created for this table ) and the data is matched to know 
> whether this is enabled or not.
> Now in secure cluster case any client can read zookeeper nodes which it needs 
> for its normal operation like the master address and root server address.  
> But what if the client calls this API? [isTableEnaled () ].

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to