I started working on this and have PutHBaseCell, PutHBaseJSON and
FetchHBaseRow working with it. I'm following a loose convention that goes
1. Option of sane default for visibility boolean string where appropriate,
but the string is not required.
2. User defines the list of tokens that will be used for the scans and gets
so they can control how much of the acceptable range is used (this will be
customizable with EL).
3. For JSON data, attributes that follow visibility.COL_FAM.COL_QUAL =
X&(Y|Z) is how it'll let the user define different statements for each
4. For records, I plan to put a record path property where a user can
specify a simple Map<String> in Avro that would provide the equivalent of
#3 for records, but would not be added to the Puts.
Our environment doesn't have Kerberos enabled. We're just using OS users
and manual set_auths to define who can see what in HBase. I don't expect
it'll make a difference to NiFi for users that have Kerberos set up
> I don't know of any work being done or any JIRAs that exist for this,
> but seems like it would be good to support them. Most likely its just
> that no one has asked for it yet.
> I'd go ahead and create a JIRA, or if you were planning to incorporate
> it into the HBase record processors then that sounds good too.
> On Thu, Jun 29, 2017 at 1:03 PM, Mike Thomsen <[hidden email]>
> > Are there any plans for implementing HBase security labels?
> > Thanks,
> > Mike