In hbase-20586 (https://issues.apache.org/jira/browse/HBASE-20586)
（commit_sha: https://github.com/apache/hbase/commit/cd61bcc0 ）
The code added (SyncTable.java) for the use of hbase.security.authentication is case-sensitive. So users setting it to “KERBEROS” won’t take effect.
However, in current code base, other uses of hbase.security.authentication are all case-insensitive. For example in MasterFileSystem.java.
The doc in GitHub repo is also misleading (Giving upper-case value).
As a distributed database, HBase must be able to authenticate users and HBase services across an untrusted network. Clients and HBase services are treated equivalently in terms of authentication (and this is the only time we will draw such a distinction).
There are currently three modes of authentication which are supported by HBase today via the configuration property hbase.security.authentication
Users may misconfigure the parameter because of the case-senstive problem.
How To Fix
Using eqaulsIgnoreCase API consistently in every place when using hbase.security.authentication or make it clear in Doc.