As HBase becomes more and more popular, different users and groups may store more data in a shared HBase cluster. You might not like all users having full permission to every HBase table. This adds risks to your data, for example, security risks or missed data operation.
Newer HBase releases (0.92 and above) have Kerberos-based security support. With this, user identities are verified by Kerberos, and only authenticated users are allowed to access data in a secured HBase cluster.
We will describe how to configure secure client access to HBase in this recipe.
Make sure you are using the security-enabled HBase release. If you are downloading from the official HBase site, the filename should look like hbase-0.92.1-security.tar.gz
.
We assume that you have a working Kerberos Key Distribution Center (KDC) and have realm set up. For more information about installing and configuring Kerberos, see the Kerberos authentication for Hadoop and HBase recipe...