849028a14ca0cf60ef8c8e69499b501e4fbcb342
src/main/java/org/apache/hadoop/hbase/security/User.java | 11 ++++-------
src/main/resources/hbase-default.xml | 8 ++++++++
2 files changed, 12 insertions(+), 7 deletions(-)
diff --git a/src/main/java/org/apache/hadoop/hbase/security/User.java b/src/main/java/org/apache/hadoop/hbase/security/User.java
index 298e3ab..a0cacc0 100644
--- a/src/main/java/org/apache/hadoop/hbase/security/User.java
+++ b/src/main/java/org/apache/hadoop/hbase/security/User.java
@@ -234,15 +234,12 @@ public abstract class User {
}
/**
- * Returns whether or not secure authentication is enabled for HBase. Note that
- * HBase security requires HDFS security to provide any guarantees, so this requires that
- * both hbase.security.authentication and hadoop.security.authentication
- * are set to kerberos.
+ * Returns whether or not secure authentication is enabled for HBase. Note that
+ * HBase security requires HDFS security to provide any guarantees, so it is
+ * recommended that secure HBase should run on secure HDFS.
*/
public static boolean isHBaseSecurityEnabled(Configuration conf) {
- return "kerberos".equalsIgnoreCase(conf.get(HBASE_SECURITY_CONF_KEY)) &&
- "kerberos".equalsIgnoreCase(
- conf.get(CommonConfigurationKeys.HADOOP_SECURITY_AUTHENTICATION));
+ return "kerberos".equalsIgnoreCase(conf.get(HBASE_SECURITY_CONF_KEY));
}
/* Concrete implementations */
diff --git a/src/main/resources/hbase-default.xml b/src/main/resources/hbase-default.xml
index e5b7764..a4bf666 100644
--- a/src/main/resources/hbase-default.xml
+++ b/src/main/resources/hbase-default.xml
@@ -964,4 +964,12 @@
is 2.
+
+ hbase.security.authentication
+ simple
+
+ Controls whether or not secure authentication is enabled for HBase.
+ Possible values are 'simple' (no authentication), and 'kerberos'.
+
+