Return-Path: X-Original-To: apmail-hadoop-user-archive@minotaur.apache.org Delivered-To: apmail-hadoop-user-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 5BF6817883 for ; Mon, 6 Oct 2014 17:52:19 +0000 (UTC) Received: (qmail 92062 invoked by uid 500); 6 Oct 2014 17:52:15 -0000 Delivered-To: apmail-hadoop-user-archive@hadoop.apache.org Received: (qmail 91952 invoked by uid 500); 6 Oct 2014 17:52:15 -0000 Mailing-List: contact user-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@hadoop.apache.org Delivered-To: mailing list user@hadoop.apache.org Received: (qmail 91942 invoked by uid 99); 6 Oct 2014 17:52:14 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 06 Oct 2014 17:52:14 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of xiaohua.chen@gmail.com designates 209.85.215.49 as permitted sender) Received: from [209.85.215.49] (HELO mail-la0-f49.google.com) (209.85.215.49) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 06 Oct 2014 17:51:48 +0000 Received: by mail-la0-f49.google.com with SMTP id q1so4755998lam.8 for ; Mon, 06 Oct 2014 10:51:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=jVlMbK8XflWouOwqCySkeVfHO0ugjtMapk8Cp6Oi1WE=; b=GMmvbL6+HF2aQFX9NeOXA5NQIvcDgvLb3BjL9uthjX+cgIeO1TKEghcOAzfEL+bjFW joo0eAgfUS5n8IuY9lDBOvgGx53+fFkNDT4nqE5GJ3TTosNrIaV78lcwi8NG7HSVfAvw SB8ypw5EzIwMm+U2HhOgf44HJxXCu9Eo6P9/TG6ETfi4+bDTEIY2aVfug9z7JNFKFfB7 ktc2nKWEI1to4VKJ/oC0nQMvik5DTC5cwhy4p797nwTt+bo5cyrRfSqBkFMNUMSUwirJ HX23A5XHYkflzynhHGk/YqVcWPO59/6aHv12ftdwanzQr9pV+DkSzdc2vFVrLzB5gQUm taXg== MIME-Version: 1.0 X-Received: by 10.152.19.195 with SMTP id h3mr5517469lae.71.1412617907725; Mon, 06 Oct 2014 10:51:47 -0700 (PDT) Received: by 10.114.185.199 with HTTP; Mon, 6 Oct 2014 10:51:47 -0700 (PDT) Date: Mon, 6 Oct 2014 10:51:47 -0700 Message-ID: Subject: How to login a user with password to Kerberos Hadoop instead of ticket cache or key tab file ? From: Xiaohua Chen To: user@hadoop.apache.org Content-Type: text/plain; charset=UTF-8 X-Virus-Checked: Checked by ClamAV on apache.org Hi Experts, We have a use case which needs to login user into Kerberos hadoop using the kerberos user's name and password. I have searched around and only found that 1) one can login a user from ticket cache ( this is the default one) or 2) login a user from this user's keytab file e.g. UserGroupInformation.loginUserFromKeytabAndReturnUGI("sochen", "/tmp/sochen.keytab")); Can you shed some light how I can login a user using his kerberos password and get a UserGroupInformation object so I can invoke doAs(....) to access the HDFS file system ? Thanks a lot! Sophia