Thanks a lot for the responses, Harsh. Even i thought that if HBase does
not supports Authorization with AD then we might need to write a
coprocessor.
On Sun, Dec 9, 2012 at 2:33 PM, Harsh J wrote:
> Ah alright. To rephrase my answer: Authentication in HBase via AD is
> supported, but direct Aut
Ah alright. To rephrase my answer: Authentication in HBase via AD is
supported, but direct Authorization of tables via AD is not.
You'd need to either come up with your own co-processors or enhance
the AccessController to feed its ACL data off of LDAP instead of a
system table (a pluggable design
Hi Harsh,
HBase has a concept of ACL. But, these ACL's are maintained as another
system table "*_acl_*"(similar to Meta and Root) in HBase. See:
hbase.apache.org/book/hbase.accesscontrol.configuration.html.
Instead of HBase maintaining these ACL's as a system table we want HBase to
understand the
Hi,
Correct me if I'm wrong, but HBase presently has no reliance on the
concept of groups, just users. For authenticating users, it relies on
Hadoop Common's security libraries, which is the same as is used by
HDFS for authentication. The Hadoop Common security libraries provided
auth_to_local for
Hi Harsh,
We are in process of installing a HBase cluster with a secure HDFS and
HBase. We already have a secure HDFS integrated with AD but we are still
trying to figure out a way to integrate HBase with AD(directly or
indirectly throgh KDC). I think my colleague has already implemented the
stuff
Hi,
An KDC can be made to trust an AD, which would solve your need. This
https://ccp.cloudera.com/display/CDH4DOC/Integrating+Hadoop+Security+with+Active+Directory
is one guide that details on how to set it up.
HBase wraps very little logic over Hadoop's security providing
classes, so proper Hado
Hi Harsh,
Both of the approach you mentioned would be ok for us. We are aware that
Hadoop can be integrated with Active Directory. But, i could not find any
such reference for HBase. Do you have any idea about this? Any link or
documentation on this would be really helpful.
Thanks,
Anil Gupta
On
Do you want to have just AD (via LDAP) based authentication (not sure
what I'm talking of here, really), or kerberos based authentication
but with an automatic binding to AD (via LDAP) for all the
allowed/available users?
On Tue, Dec 4, 2012 at 11:19 AM, anil gupta wrote:
> Hi All,
>
> We would l
Hi All,
We would like to integrate HBase with our corporate Active Directory for
authentication and authorization of HBase users. I have gone through the
following links in HBase:
http://blog.cloudera.com/blog/2012/09/understanding-user-authentication-and-authorization-in-apache-hbase/
http://hba
