accumulo-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [2/3] git commit: ACCUMULO-3045 Update user manual for CredentialProviderToken.
Date Thu, 07 Aug 2014 18:32:43 GMT
ACCUMULO-3045 Update user manual for CredentialProviderToken.


Branch: refs/heads/master
Commit: d5e094ddf3b6dd028f23a5f1069ff2147cbf2c70
Parents: 4d70739
Author: Josh Elser <>
Authored: Thu Aug 7 14:27:30 2014 -0400
Committer: Josh Elser <>
Committed: Thu Aug 7 14:27:30 2014 -0400

 .../accumulo_user_manual/chapters/administration.tex      |  4 ++++
 .../main/latex/accumulo_user_manual/chapters/clients.tex  | 10 ++++++++++
 2 files changed, 14 insertions(+)
diff --git a/docs/src/main/latex/accumulo_user_manual/chapters/administration.tex b/docs/src/main/latex/accumulo_user_manual/chapters/administration.tex
index 78becca..d524def 100644
--- a/docs/src/main/latex/accumulo_user_manual/chapters/administration.tex
+++ b/docs/src/main/latex/accumulo_user_manual/chapters/administration.tex
@@ -261,6 +261,10 @@ This configuration will then transparently extract the \texttt{instance.secret}
 the configured KeyStore and alleviates a human readable storage of the sensitive
+A KeyStore can also be stored in HDFS, which will make the KeyStore readily available to
+all Accumulo servers. If the local filesystem is used, be aware that each Accumulo server
+will expect the KeyStore in the same location.
 Accumulo must be initialized to create the structures it uses internally to locate
diff --git a/docs/src/main/latex/accumulo_user_manual/chapters/clients.tex b/docs/src/main/latex/accumulo_user_manual/chapters/clients.tex
index 1dbe564..8f8bbdf 100644
--- a/docs/src/main/latex/accumulo_user_manual/chapters/clients.tex
+++ b/docs/src/main/latex/accumulo_user_manual/chapters/clients.tex
@@ -61,6 +61,16 @@ Instance inst = new ZooKeeperInstance(instanceName, zooServers);
 Connector conn = inst.getConnector("user", new PasswordToken("passwd"));
+The PasswordToken is the most common implementation of an \texttt{AuthenticationToken}.
+This general interface allow authentication as an Accumulo user to come from
+a variety of sources or means. The CredentialProviderToken leverages the Hadoop
+CredentialProviders (new in Hadoop 2.6).
+For example, the CredentialProviderToken can be used in conjunction with a Java
+KeyStore to alleviate passwords stored in cleartext. When stored in HDFS, a single
+KeyStore can be used across an entire instance. Be aware that KeyStores stored on
+the local filesystem must be made available to all nodes in the Accumulo cluster.
 \section{Writing Data}
 Data are written to Accumulo by creating Mutation objects that represent all the

View raw message