.../src/main/java/org/apache/hadoop/hbase/security/User.java | 11 ++++------- hbase-common/src/main/resources/hbase-default.xml | 9 ++++++++- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/User.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/User.java index 611abf8..1280446 100644 --- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/User.java +++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/User.java @@ -201,15 +201,12 @@ public abstract class User { } /** - * Returns whether or not secure authentication is enabled for HBase. Note that - * HBase security requires HDFS security to provide any guarantees, so this requires that - * both hbase.security.authentication and hadoop.security.authentication - * are set to kerberos. + * Returns whether or not secure authentication is enabled for HBase. Note that + * HBase security requires HDFS security to provide any guarantees, so it is + * recommended that secure HBase should run on secure HDFS. */ public static boolean isHBaseSecurityEnabled(Configuration conf) { - return "kerberos".equalsIgnoreCase(conf.get(HBASE_SECURITY_CONF_KEY)) && - "kerberos".equalsIgnoreCase( - conf.get(CommonConfigurationKeys.HADOOP_SECURITY_AUTHENTICATION)); + return ! ("simple".equalsIgnoreCase(conf.get(HBASE_SECURITY_CONF_KEY))); } /* Concrete implementations */ diff --git a/hbase-common/src/main/resources/hbase-default.xml b/hbase-common/src/main/resources/hbase-default.xml index 3079fc8..50111e8 100644 --- a/hbase-common/src/main/resources/hbase-default.xml +++ b/hbase-common/src/main/resources/hbase-default.xml @@ -977,6 +977,13 @@ possible configurations would overwhelm and obscure the important. are NULL, CRC32, CRC32C. - + + hbase.security.authentication + simple + + Controls whether or not secure authentication is enabled for HBase. + Possible values are 'simple' (no authentication), and 'kerberos'. + +