Home | About | Sematext search-lucene.com search-hadoop.com
 Search Hadoop and all its subprojects:

Switch to Threaded View
HBase, mail # user - accessing _acl_ from hbase client


Copy link to this message
-
RE: accessing _acl_ from hbase client
Anoop Sam John 2012-06-04, 07:06
Hi

>it's sort of funny that I can still access the -ROOT- & .META. tables
>without permissions. Do you think this is a bug? or am I doing something
>wrong?
No.  The catalog tables are given with read permission for every one as the client scans these tables in Put/Scan cases for other tables.

You can use grant() and remove() functions provided in AccessController for controlling the users and admins etc.

-Anoop-
________________________________________
From: Ben Kim [[EMAIL PROTECTED]]
Sent: Monday, June 04, 2012 11:53 AM
To: [EMAIL PROTECTED]
Subject: accessing _acl_ from hbase client

Is there any way a client can access the _acl_ table?
I want an administrator to be able to control the user access to all tables.
In order to do this I'll need to access the _acl_ table from the HBase
client.
I'm thinking of something like Mysql user table which has all access
permissions to tables.

I already tried giving _acl_ access permission to the Admin user, (grant
'Admin', 'RW', '_acl_')
but scanning through the _acl_ table with Admin user wasn't allowed.

it's sort of funny that I can still access the -ROOT- & .META. tables
without permissions. Do you think this is a bug? or am I doing something
wrong?

Thank you in advance.
--

*Benjamin Kim*
*benkimkimben at gmail*