[ https://issues.apache.org/jira/browse/NIFI-4637?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16452104#comment-16452104 ]
ASF GitHub Bot commented on NIFI-4637: -------------------------------------- Github user bbende commented on the issue: https://github.com/apache/nifi/pull/2518 @MikeThomsen @ijokarumawak I haven't looked at how Hbase visibility labels work compared to Accumulo, but in Accumulo you pass in the authorizations for an operations which are then compared against the visibility strings on each cell. The authorizations on the operation usually come from authenticating an end-user against LDAP and then running an operation on their behalf. When scanning cells for the current operation, if the passed in authorizations don't meet the visiblity string for a given cell, then it is as if this cell doesn't exist. So if you were issuing a delete on behalf of an end-user, I would expect they can only delete cells that are visible to them based on their authorizations. Curious to hear that Josh has to say. > Add support for HBase visibility labels to HBase processors and controller > services > ----------------------------------------------------------------------------------- > > Key: NIFI-4637 > URL: https://issues.apache.org/jira/browse/NIFI-4637 > Project: Apache NiFi > Issue Type: Improvement > Reporter: Mike Thomsen > Assignee: Mike Thomsen > Priority: Major > > HBase supports visibility labels, but you can't use them from NiFi because > there is no way to set them. The existing processors and services should be > upgraded to handle this capability. -- This message was sent by Atlassian JIRA (v7.6.3#76005)