svn commit: r1679930 - /accumulo/site/trunk/content/release_notes/1.7.0.mdtext

Sun, 17 May 2015 21:19:22 -0700 

Author: elserj
Date: Mon May 18 04:18:56 2015
New Revision: 1679930

URL: http://svn.apache.org/r1679930
Log:
ACCUMULO-3737 Docs for kerberos authentication

Modified:
    accumulo/site/trunk/content/release_notes/1.7.0.mdtext

Modified: accumulo/site/trunk/content/release_notes/1.7.0.mdtext
URL: 
http://svn.apache.org/viewvc/accumulo/site/trunk/content/release_notes/1.7.0.mdtext?rev=1679930&r1=1679929&r2=1679930&view=diff
==============================================================================
--- accumulo/site/trunk/content/release_notes/1.7.0.mdtext (original)
+++ accumulo/site/trunk/content/release_notes/1.7.0.mdtext Mon May 18 04:18:56 
2015
@@ -20,6 +20,33 @@ Apache Accumulo 1.7.0 is a release that
 
 #DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT
 
+### Client Authentication with Kerberos
+
+Kerberos is far and away the de-facto means provide strong authentication 
across Hadoop
+and other related components. Kerberos uses requires a centralized key 
distribution center
+to authentication users who have credentials provided by an administrator. 
When Hadoop is
+configured for use with Kerberos, all users must provide Kerberos credentials 
to interact
+with the filesystem, launch YARN jobs, or even view certain web pages.
+
+While Accumulo has long supported operation on Hadoop with Kerberos enabled, 
it required
+Accumulo users to still use password-based authentication. 
[ACCUMULO-2815][ACCUMULO-2815]
+added support to Accumulo to allow Accumulo clients to use a single set of 
Kerberos
+credentials to interact with Accumulo and all other Hadoop components.
+
+This authentication leverages the [Simple Authentication and Security Layer 
(SASL)][SASL]
+and [GSSAPI][GSSAPI] to support Kerberos authentication over the existing 
Thrift-base
+RPC infrastructure that Accumulo leverages.
+
+These additions represent a significant forward step for Accumulo, bringing it 
up to
+speed with the rest of the Hadoop components. This results in a much more 
cohesive
+security story for Accumulo that resonates with the battle-tested cell-level 
security
+and authorization module.
+
+
+### Data-Center Replication
+
+
+
 ### User Initiated Compaction Strategies
 
 Per table compaction strategies were added in 1.6.0.  In 1.7.0 the ability to
@@ -177,4 +204,7 @@ and, in HDFS High-Availability instances
 [ACCUMULO-1798]: https://issues.apache.org/jira/browse/ACCUMULO-1798
 [ACCUMULO-3134]: https://issues.apache.org/jira/browse/ACCUMULO-3134
 [ACCUMULO-3439]: https://issues.apache.org/jira/browse/ACCUMULO-3439
-[group_balancer]: 
https://blogs.apache.org/accumulo/entry/balancing_groups_of_tablets
\ No newline at end of file
+[group_balancer]: 
https://blogs.apache.org/accumulo/entry/balancing_groups_of_tablets
+[ACCUMULO-2815]: https://issues.apache.org/jira/browse/ACCUMULO-2815
+[SASL]: http://en.wikipedia.org/wiki/Simple_Authentication_and_Security_Layer
+[GSSAPI]: 
http://en.wikipedia.org/wiki/Generic_Security_Services_Application_Program_Interface
\ No newline at end of file

Reply via email to