hadoop-common-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Allen Wittenauer <awittena...@linkedin.com>
Subject Re: [Fwd: about hadoop security design]
Date Wed, 06 Jan 2010 17:49:39 GMT
On 1/5/10 10:57 PM, "gscse@tce.edu" <gscse@tce.edu> wrote:
>  i am doing my research in hadoop security design.
> Instead of using kerberos for hadoop security is it possible to
> use Ldap authentication protocol???

Using LDAP (or NIS+, or NIS, or passwd/shadow files, or ...  ) will require
a password prompt, something that I think the current design specifically
avoids requiring (I still need to read Owen's doc).

If Kerberos isn't an option, then it would probably be better to work on
something certificate based (SPKM, LIPKEY, etc) that would also avoid the
dreaded pw prompt.  [But now you have a lot more operational challenges.
PKI is way more awful to truly support than Kerberos, IMO.]

>  have learnt that except name nodes all other services of hadoop
> support only kerberos authentication protocol..is it so???

Currently, there is no authentication in Hadoop.


Mime
View raw message