[
https://issues.apache.org/jira/browse/HBASE-7357?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13532704#comment-13532704
]
Gary Helmling commented on HBASE-7357:
--------------------------------------
[~yuzhih...@gmail.com] That could be reasonable to do. While it's technically
possible to run HBase RPC with strong authentication without using strong auth
for HDFS, you're voiding most security guarantees by doing so.
> HBaseClient and HBaseServer should use hbase.security.authentication when
> negotiating authentication
> ----------------------------------------------------------------------------------------------------
>
> Key: HBASE-7357
> URL: https://issues.apache.org/jira/browse/HBASE-7357
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Gary Helmling
> Assignee: Gary Helmling
>
> This came up in the context of testing HBASE-6788. Currently HBaseClient and
> HBaseServer call UserGroupInformation.isSecurityEnabled() when determining
> whether or not to use SASL to negotiate connections. This means they are
> using the hadoop.security.authentication configuration value. Since this is
> in the context of HBase RPC connections, it seems more correct to use the
> hbase.security.authentication configuration value by calling
> User.isHBaseSecurityEnabled().
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
