[ https://issues.apache.org/jira/browse/HBASE-8662?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13688686#comment-13688686 ]
Francis Liu commented on HBASE-8662: ------------------------------------ {quote} but needs to authorize the user {quote} If you're talking about the proxyUsers.authorize() call as I mentioned earlier all the information needed to do the check is cached. So this shouldn't add any noticeable overhead at all. {quote} send user information to server for every call because HBase server side may have authorization setup too. {quote} This is just a few bytes to send the user principal. 0.94 has about as much bloat sent for every call and I haven't heard anyone complain. I think if we were going to only pick one this approach would serve both cases better than the latter. > [rest] support impersonation > ---------------------------- > > Key: HBASE-8662 > URL: https://issues.apache.org/jira/browse/HBASE-8662 > Project: HBase > Issue Type: Sub-task > Components: REST, security > Reporter: Jimmy Xiang > Assignee: Jimmy Xiang > Fix For: 0.98.0 > > Attachments: method_doas.patch, secure_rest.patch, trunk-8662.patch, > trunk-8662_v2.patch, trunk-8662_v3.patch > > > Currently, our client API uses a fixed user: the current user. It should > accept a user passed in, if authenticated. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira