hadoop-common-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ravi teja <raviort...@gmail.com>
Subject Re: Authentication and security with hadoop
Date Thu, 14 Jul 2016 06:27:34 GMT
Thanks for the clarification Arpit.
Will check the docs.

Ravi

On Thu, Jul 14, 2016 at 1:44 AM, Arpit Agarwal <aagarwal@hortonworks.com>
wrote:

> Hi Ravi,
>
>
>
> Kerberos is the only supported mechanism for strong identity. Most Hadoop
> access controls are easily bypassed without Kerberos authentication.
>
>
>
> Kerberos setup can be difficult. Most Kerberos complications arise with
> multi-homed hosts or if DNS/reverse DNS is broken. If you run into specific
> Kerberos operation issues you can ask for answers on this DL.
>
>
>
> Apache Hadoop 2.7.3 will have improved documentation on Kerberos setup.
> Meanwhile you can find the updated docs here:
>
>
> https://github.com/apache/hadoop/blob/branch-2.7.3/hadoop-common-project/hadoop-common/src/site/markdown/SecureMode.md#Multihoming
>
>
>
>
>
> *From: *ravi teja <raviorteja@gmail.com>
> *Date: *Wednesday, July 13, 2016 at 5:46 AM
> *To: *"user@hadoop.apache.org" <user@hadoop.apache.org>
> *Subject: *Authentication and security with hadoop
>
>
>
> Hi Community,
>
>
>
> We wanted to have authentication on hadoop, means want to make sure the
> user is what he claims to be and doesn't proxy another users using env
> variables.
>
>
>
> From many links , I see that the default choice is kerberos with hadoop.
>
> And as far i understand ,I see that ranger is more like a central place to
> manage the acls on directories and it doesn't involve in authentication.
>
>
>
> And the information online is pretty old, could get any latest information
> on the security auth.
>
>
>
> I wanted to know if there is other way than kerberos for providing this
> authentication layer?
>
> Because kerberos had many operation problems while using with HDFS and now
> we no longer use it.
>
>
>
> Thanks in advance,
>
> Ravi
>

Mime
View raw message