Actually my problem went from the fact that the user identity is asserted on the region server you are working on, and groups are not defined very precisely there. I was able to identify it with the debug level enabled on xasecure, so thanks a lot (no pun intention) !
Regards, Loïc Loïc CHANEL Engineering student at TELECOM Nancy Trainee at Worldline - Villeurbanne 2015-08-24 17:24 GMT+02:00 Alok Lal <[email protected]>: > Log4j.properties file should be under hbase config directory. It is > usually /etc/hbase/conf. In it start by adding the following line: > > log4j.logger.com.xasecure=DEBUG > > From: Loïc Chanel > Reply-To: "[email protected]" > Date: Monday, August 24, 2015 at 7:54 AM > To: "[email protected]" > Subject: Re: HBase group authroizations > > Sorry, I just noticed that I wrote `hdfs groups` instead of `whoami`. > Regards, > > Loïc > > > Loïc CHANEL > Engineering student at TELECOM Nancy > Trainee at Worldline - Villeurbanne > > 2015-08-24 15:26 GMT+02:00 Loïc Chanel <[email protected]>: > >> Hi all, >> >> I'm having some troubles trying to authorize some users from HBase to >> access to a table using a group they belong to. >> Even if the policy is correctly set, and uses a group that `hdfs groups` >> returns me, I can't access the database as the user can't. >> >> I can't see any logs indicating that the Ranger plugin tries to assert >> the user's identity and its groups, but my debug level may not be high >> enough (as I didn't found the corresponding property). >> >> Can someone help me to increase my log level to debug for XaSecure HBase >> plugin, or give me some things I can try to look at to figure out why >> groups cannot be used in my configuration ? >> >> Thanks in advance for your help ! >> Regards, >> >> >> Loïc >> Loïc CHANEL >> Engineering student at TELECOM Nancy >> Trainee at Worldline - Villeurbanne >> > >
