hadoop-hdfs-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Xiaohua Chen <xiaohua.c...@gmail.com>
Subject Re: How to login a user with password to Kerberos Hadoop instead of ticket cache or key tab file ?
Date Mon, 06 Oct 2014 18:51:54 GMT
Hi Larry,

Thanks! This is the very right approach I am looking for.  Currently
I am using Hadoop 2.3.0 , seems this API
UserGroupInformation.getUGIFromSubject(subject) is only available from
Hadoop 3.0.0 , which seems is not released yet. So when can I expect
to get the downloadable for Hadoop 3.0.0 ?

Thank you very much and best regards!


On Mon, Oct 6, 2014 at 10:57 AM, Larry McCay <lmccay@hortonworks.com> wrote:
> You may find this approach interesting.
> https://issues.apache.org/jira/browse/HADOOP-10342
> The idea is that you preauthenticate using JAAS/krb5 or something in your
> application and then leverage the resulting java Subject to assert the
> authenticated identity.
> On Mon, Oct 6, 2014 at 1:51 PM, Xiaohua Chen <xiaohua.chen@gmail.com> wrote:
>> Hi Experts,
>> We have a use case which needs to login user into Kerberos hadoop
>> using the kerberos user's name and password.
>> I have searched around and only found that
>> 1) one can login a user  from ticket cache ( this is the default one)  or
>> 2) login a user from this user's keytab file e.g.
>>  UserGroupInformation.loginUserFromKeytabAndReturnUGI("sochen",
>> "/tmp/sochen.keytab"));
>> Can you shed some light how I can login a user using his kerberos
>> password and get a UserGroupInformation object so I can invoke
>> doAs(....) to access the HDFS file system ?
>> Thanks a lot!
>> Sophia
> NOTICE: This message is intended for the use of the individual or entity to
> which it is addressed and may contain information that is confidential,
> privileged and exempt from disclosure under applicable law. If the reader of
> this message is not the intended recipient, you are hereby notified that any
> printing, copying, dissemination, distribution, disclosure or forwarding of
> this communication is strictly prohibited. If you have received this
> communication in error, please contact the sender immediately and delete it
> from your system. Thank You.

View raw message