.../src/main/java/org/apache/hadoop/hbase/security/User.java | 11 ++++-------
hbase-common/src/main/resources/hbase-default.xml | 9 ++++++++-
2 files changed, 12 insertions(+), 8 deletions(-)
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/User.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/User.java
index 611abf8..1280446 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/User.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/User.java
@@ -201,15 +201,12 @@ public abstract class User {
}
/**
- * Returns whether or not secure authentication is enabled for HBase. Note that
- * HBase security requires HDFS security to provide any guarantees, so this requires that
- * both hbase.security.authentication and hadoop.security.authentication
- * are set to kerberos.
+ * Returns whether or not secure authentication is enabled for HBase. Note that
+ * HBase security requires HDFS security to provide any guarantees, so it is
+ * recommended that secure HBase should run on secure HDFS.
*/
public static boolean isHBaseSecurityEnabled(Configuration conf) {
- return "kerberos".equalsIgnoreCase(conf.get(HBASE_SECURITY_CONF_KEY)) &&
- "kerberos".equalsIgnoreCase(
- conf.get(CommonConfigurationKeys.HADOOP_SECURITY_AUTHENTICATION));
+ return ! ("simple".equalsIgnoreCase(conf.get(HBASE_SECURITY_CONF_KEY)));
}
/* Concrete implementations */
diff --git a/hbase-common/src/main/resources/hbase-default.xml b/hbase-common/src/main/resources/hbase-default.xml
index 3079fc8..50111e8 100644
--- a/hbase-common/src/main/resources/hbase-default.xml
+++ b/hbase-common/src/main/resources/hbase-default.xml
@@ -977,6 +977,13 @@ possible configurations would overwhelm and obscure the important.
are NULL, CRC32, CRC32C.
-
+
+ hbase.security.authentication
+ simple
+
+ Controls whether or not secure authentication is enabled for HBase.
+ Possible values are 'simple' (no authentication), and 'kerberos'.
+
+