phoenix-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Josh Elser (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (PHOENIX-4112) Allow JDBC url-based Kerberos credentials via sqlline-thin.py
Date Tue, 22 Aug 2017 15:52:00 GMT

    [ https://issues.apache.org/jira/browse/PHOENIX-4112?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16136977#comment-16136977
] 

Josh Elser commented on PHOENIX-4112:
-------------------------------------

Thanks for filing, Sunil.

The core of this issue is that SqllineWrapper, the Java class that sqlline-thin.py invokes,
requires that the user already have a populated ticket cache. There's no reason that we can't
allow the user to simply provide credentials and log them in automatically.

Avatica has the ability to perform the login already at the JAAS level; however, I don't know
if this will "play nicely" with UserGroupInformation.

> Allow JDBC url-based Kerberos credentials via sqlline-thin.py
> -------------------------------------------------------------
>
>                 Key: PHOENIX-4112
>                 URL: https://issues.apache.org/jira/browse/PHOENIX-4112
>             Project: Phoenix
>          Issue Type: Improvement
>            Reporter: Sunil Kumar Sattiraju
>
> In a kerberized environment sqlline-thin.py support authenticating after the user loads
keytab using kinit. phoneix jdbc thin driver supports using keytab like below:
> jdbc:phoenix:thin:url=http://queryserver.domain:8765;serialization=PROTOBUF;authentication=SPENGO;principal=phoenix@EXAMPLE.COM;keytab=/etc/security/keytabs/phoenix.keytab
> so, improve SqllineWrapper to support these args



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message