We have server authentication via Kerberos, but we don't have a way for clients to connect to Accumulo using Kerberos.
HBase context: http://hbase.apache.org/book/security.html#d248e5472
We'll have to look into how Authorizations and Permissions are assigned to these users and make sure the ZK-backed security mechanisms can still support this. It would be nice to not have to make a completely separate auth/permission mechanism when kerberos is being used.
As far as configuration, I imagine this would be a great fit for the often-proposed client-side configuration idea.
|Add SASL support to thrift proxy||Resolved||