Summary: Fix HBase RPC protection
Issue Type: Bug
Components: encryption, rpc, security
Reporter: Apekshit Sharma
Assignee: Apekshit Sharma
HBase configuration 'hbase.rpc.protection' can be set to 'authentication', 'integrity' or 'privacy'.
"authentication means authentication only and no integrity or privacy; integrity implies
authentication and integrity are enabled; and privacy implies all of
authentication, integrity and privacy are enabled."
However hbase ref guide incorrectly suggests in some places to set the value to 'auth-conf' instead of 'privacy'. Setting value to 'auth-conf' doesn't provide rpc encryption which is what user wants.
This jira will fix:
- documentation: change 'auth-conf' references to 'privacy'
- SaslUtil to support both set of values (privacy/integrity/authentication and auth-conf/auth-int/auth) to be backward compatible with what was being suggested till now.
- change 'hbase.thrift.security.qop' to be consistent with other similar configurations by using same set of values (privacy/integrity/authentication).
This message was sent by Atlassian JIRA