minikdc can be run from the commandline to do exactly that, as args you give dir where it will create the krb5conf file, a list of principals to have, a keytab with all those princs will be created in the dir, distribute the krb5.conf and the keytabfile to you clients. config the cluents to pick up the krb5.conf, you are done.
thx Alejandro (phone typing) > On Apr 17, 2014, at 8:28, Jay Vyas <jayunit...@gmail.com> wrote: > > ah .. thats nice to know. so ... are there other lightweight kerberos > implementations that we can use on a real cluster to get started with > kerberos authentication without having to install a whole kdc environment? > > > On Thu, Apr 17, 2014 at 11:15 AM, Alejandro Abdelnur <t...@cloudera.com>wrote: > >> or you can use hadoop-minikdc, it is a java kdc base on apacheds, and >> doesnt require any os level setup. there are some tests in hadoop rhat >> already use it. >> >> thx >> >> Alejandro >> (phone typing) >> >>>> On Apr 17, 2014, at 5:44, Steve Loughran <ste...@hortonworks.com> wrote: >>>> >>>> On 16 April 2014 23:42, Mohammad Islam <misla...@yahoo.com> wrote: >>>> >>>> Hi, >>>> I tried to run a test case using this command from my Linux box: >>>> mvn clean test -PtestKerberos -Dtest=TestJHSSecurity >>>> >>>> And I got the following exception. I know it is related to setup the >>>> principal and other kerberos settings. >>>> >>>> Can someone please help me about this? such as what is the mvn command >>>> and what other settings are required? >>> >>> >>> >>> it'll need the kerberos credentials used to talk to the cluster, which >> you >>> pick up client side via kinit ; the Java code will pick them up. >>> >>> >>> >>>> Do I need to run my own KDC or provide own keytab? >>> you will need your own KDC, this is easy enough to set up on Linux -even >> in >>> a VM- and you can certainly use Linux or OSX as test boxes. >>> >>> -- >>> CONFIDENTIALITY NOTICE >>> NOTICE: This message is intended for the use of the individual or entity >> to >>> which it is addressed and may contain information that is confidential, >>> privileged and exempt from disclosure under applicable law. If the reader >>> of this message is not the intended recipient, you are hereby notified >> that >>> any printing, copying, dissemination, distribution, disclosure or >>> forwarding of this communication is strictly prohibited. If you have >>> received this communication in error, please contact the sender >> immediately >>> and delete it from your system. Thank You. > > > > -- > Jay Vyas > http://jayunit100.blogspot.com
