-RE: accessing _acl_ from hbase client
Anoop Sam John 2012-06-04, 07:06
>it's sort of funny that I can still access the -ROOT- & .META. tables
>without permissions. Do you think this is a bug? or am I doing something
No. The catalog tables are given with read permission for every one as the client scans these tables in Put/Scan cases for other tables.
You can use grant() and remove() functions provided in AccessController for controlling the users and admins etc.
From: Ben Kim [[EMAIL PROTECTED]]
Sent: Monday, June 04, 2012 11:53 AM
To: [EMAIL PROTECTED]
Subject: accessing _acl_ from hbase client
Is there any way a client can access the _acl_ table?
I want an administrator to be able to control the user access to all tables.
In order to do this I'll need to access the _acl_ table from the HBase
I'm thinking of something like Mysql user table which has all access
permissions to tables.
I already tried giving _acl_ access permission to the Admin user, (grant
'Admin', 'RW', '_acl_')
but scanning through the _acl_ table with Admin user wasn't allowed.
it's sort of funny that I can still access the -ROOT- & .META. tables
without permissions. Do you think this is a bug? or am I doing something
Thank you in advance.
*benkimkimben at gmail*