Return-Path: Delivered-To: apmail-hadoop-common-dev-archive@www.apache.org Received: (qmail 43588 invoked from network); 4 May 2010 15:22:05 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 4 May 2010 15:22:05 -0000 Received: (qmail 55882 invoked by uid 500); 4 May 2010 15:22:04 -0000 Delivered-To: apmail-hadoop-common-dev-archive@hadoop.apache.org Received: (qmail 55832 invoked by uid 500); 4 May 2010 15:22:04 -0000 Mailing-List: contact common-dev-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: common-dev@hadoop.apache.org Delivered-To: mailing list common-dev@hadoop.apache.org Received: (qmail 55824 invoked by uid 99); 4 May 2010 15:22:04 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 04 May 2010 15:22:04 +0000 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests=FREEMAIL_FROM,SPF_PASS,T_TO_NO_BRKTS_FREEMAIL X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of owen.omalley@gmail.com designates 74.125.83.176 as permitted sender) Received: from [74.125.83.176] (HELO mail-pv0-f176.google.com) (74.125.83.176) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 04 May 2010 15:21:58 +0000 Received: by pvd12 with SMTP id 12so792513pvd.35 for ; Tue, 04 May 2010 08:21:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=MKiHEuQmvsuWGJp9XS2++T4CBwz3aTV/3v4vU/+Ng6s=; b=mzY8kZSC2yg/TqFgq0mNZgSJ+jvNChpSsIlt5m1CJj7Ybqp2641XFkgwP4jF3TKTpk 4gb9qHpSpHx8tob+cYlXRb4kcY8etF6vTGW5HNAyXs3yVMxglPEoDjTOLMaguQCMRfDJ 6DaTLLMRwrggePeILprQrODr0ielHkC1TxiYg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=RFgoGoeUGaCWF19bW4CzhoSGnOl0DDi+bvu0XwwDh47b1siVnevljVACboLKpiDG58 /BTgiYLh/vgt0/YbPJ9jRDMXSk9ahn+na/vJyz5YILliYBkImFzyCskXke5+FM484ZsW 1ZM1UI2Hb4f0UPK+2kEblmfdP5oCjn4ydzjZo= MIME-Version: 1.0 Received: by 10.142.67.34 with SMTP id p34mr3484296wfa.335.1272986498554; Tue, 04 May 2010 08:21:38 -0700 (PDT) Received: by 10.231.168.11 with HTTP; Tue, 4 May 2010 08:21:38 -0700 (PDT) In-Reply-To: References: Date: Tue, 4 May 2010 08:21:38 -0700 Message-ID: Subject: Re: User Authentication Using Kerberos From: "Owen O'Malley" To: common-dev@hadoop.apache.org Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On Tue, May 4, 2010 at 5:13 AM, Sujitha wrote: > =C2=A0 i am working on hadoop security wherein in the first step to > authenticate users,Kerberos authentication protocol was used. Look at the UserGroupInformation class in subversion trunk. It uses Java's JAAS interface to authenticate the user using Kerberos. The RPC connections are authenticated with Kerberos or delegation tokens that are generated by the NameNode or JobTracker. -- Owen