lifangyu opened a new pull request, #6923: URL: https://github.com/apache/gravitino/pull/6923
<!-- [Improvement] hudi catalog support Kerberos authentication #6854 --> ### What changes were proposed in this pull request? When the Hudi catalog back-end is hms, the hms Kerberos authentication function is supported ### Why are the changes needed? 1. For data security, it is necessary to support hms Kerberos authentication; 2. Provides a HMS Kerberos authentication methods: HudiHMSBackendOps. InitKerberosAuth (...). Access entry ### Does this PR introduce _any_ user-facing change? 1. Introduced user-facing changes: The hudi catalog has added property parameters: authentication.type: The type of authentication for hudi catalog backend. This configuration only applicable for for hms backend, and only supports `Kerberos`, `simple` currently. authentication.kerberos. principal: The principal of the Kerberos authentication Authentication.kerbers.keytab-uri: The URI of The keytab for the Kerberos authentication. Property name with this prefix passed down to the underlying backend client for use. Such as ` gravitino. Bypass. Hive. Metastore. Kerberos. The principal = XXXX ` ` gravitino. Bypass. Hadoop. Security. The authentication = kerberos `, ` gr avitino.bypass.hive.metastore.sasl. enabled=ture` And so on. ### How was this patch tested? Using the web ui, you can configure hudi catalog backend hms and config Kerberos-related parameters to manage hudi metadata. As shown below: <img width="1379" alt="image" src="https://github.com/user-attachments/assets/6f89d707-0e82-4091-9076-00761508d158"; /> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
