Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Ranger hbase plugin not proxying users. Runs every request as root user

Highlighted

Ranger hbase plugin not proxying users. Runs every request as root user

Contributor

I am upgrading our cluster to HDP 3.0.1. I have installed ranger (1.1.0) and enabled the hbase plugin. (Other plugins are working as expected - hdfs, knox etc)

All requests to hbase with _any_ user are being run as the root user. This is true through either knox or a direct call to hbase using curl. I do not have kerberos enabled as yet.


Has anyone seen this before?

2 REPLIES 2

Re: Ranger hbase plugin not proxying users. Runs every request as root user

Without enabling Kerberos authentication for HBase, any authorization checks you make are pointless.

When you don't have Kerberos authentication enabled, there is no guarantee that the end user is who they say they are. This makes authorization pointless.

I would focus on getting strong authentication setup before looking more into authorization.

Re: Ranger hbase plugin not proxying users. Runs every request as root user

Contributor

Thanks Josh, I'll enable kerberos and retry. I'll let you know how I go.