Uploaded image for project: 'HBase'
  1. HBase
  2. HBASE-15445

Add support for ACLs for web based UIs

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 1.2.0, 1.0.3, 1.1.3
    • None
    • master, regionserver, REST, Thrift
    • None

    Description

      Since 0.99 and HBASE-10336 we have our own HttpServer class that (like the counterpart in Hadoop) supports setting an ACL to allow only named users to access the web based UIs of the server processes. In secure mode we should support this as it works hand-in-hand with Kerberos authorization and the UGI class. It seems all we have to do is add a property allowing to set the ACL property as a list of users and/or groups that have access to the UIs if needed.

      As an add-on, we could combine this with the read-only flag, so that some users can only access the UIs with any option to trigger, for example, splits.

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. HBASE-10336 Remove deprecated usage of Hadoop HttpServer in InfoServer

          • Major - Major loss of function.
          • Closed

          Activity

            People

              rneumann Robert Neumann
              larsgeorge Lars George
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated: