yes it does :) also, if you are interested in scripts to help you out starting minikdc in standalone mode look at Llama's llama-minikdc module after running a mvn assembly. i dont recall if that made it to hadoop-minikdc (cannot check right now, not at computer)
thx Alejandro (phone typing) > On Apr 17, 2014, at 10:05, Steve Loughran <ste...@hortonworks.com> wrote: > > there's one more thing to note -when working with a linux kerberos cluster, > you must have the export crypto package installed, else you get to see the > useful error message "No valid credentials provided (Mechanism level: > Illegal key size)]" > > I don't know if miniKDC works with smaller key lengths, so avoids this > problem > > >> On 17 April 2014 16:37, Alejandro Abdelnur <t...@cloudera.com> wrote: >> >> minikdc can be run from the commandline to do exactly that, as args you >> give dir where it will create the krb5conf file, a list of principals to >> have, a keytab with all those princs will be created in the dir, distribute >> the krb5.conf and the keytabfile to you clients. config the cluents to pick >> up the krb5.conf, you are done. >> >> thx >> >> Alejandro >> (phone typing) >> >>> On Apr 17, 2014, at 8:28, Jay Vyas <jayunit...@gmail.com> wrote: >>> >>> ah .. thats nice to know. so ... are there other lightweight kerberos >>> implementations that we can use on a real cluster to get started with >>> kerberos authentication without having to install a whole kdc >> environment? >>> >>> >>> On Thu, Apr 17, 2014 at 11:15 AM, Alejandro Abdelnur <t...@cloudera.com >>> wrote: >>> >>>> or you can use hadoop-minikdc, it is a java kdc base on apacheds, and >>>> doesnt require any os level setup. there are some tests in hadoop rhat >>>> already use it. >>>> >>>> thx >>>> >>>> Alejandro >>>> (phone typing) >>>> >>>>>> On Apr 17, 2014, at 5:44, Steve Loughran <ste...@hortonworks.com> >> wrote: >>>>>> >>>>>> On 16 April 2014 23:42, Mohammad Islam <misla...@yahoo.com> wrote: >>>>>> >>>>>> Hi, >>>>>> I tried to run a test case using this command from my Linux box: >>>>>> mvn clean test -PtestKerberos -Dtest=TestJHSSecurity >>>>>> >>>>>> And I got the following exception. I know it is related to setup the >>>>>> principal and other kerberos settings. >>>>>> >>>>>> Can someone please help me about this? such as what is the mvn >> command >>>>>> and what other settings are required? >>>>> >>>>> >>>>> >>>>> it'll need the kerberos credentials used to talk to the cluster, which >>>> you >>>>> pick up client side via kinit ; the Java code will pick them up. >>>>> >>>>> >>>>> >>>>>> Do I need to run my own KDC or provide own keytab? >>>>> you will need your own KDC, this is easy enough to set up on Linux >> -even >>>> in >>>>> a VM- and you can certainly use Linux or OSX as test boxes. >>>>> >>>>> -- >>>>> CONFIDENTIALITY NOTICE >>>>> NOTICE: This message is intended for the use of the individual or >> entity >>>> to >>>>> which it is addressed and may contain information that is confidential, >>>>> privileged and exempt from disclosure under applicable law. If the >> reader >>>>> of this message is not the intended recipient, you are hereby notified >>>> that >>>>> any printing, copying, dissemination, distribution, disclosure or >>>>> forwarding of this communication is strictly prohibited. If you have >>>>> received this communication in error, please contact the sender >>>> immediately >>>>> and delete it from your system. Thank You. >>> >>> >>> >>> -- >>> Jay Vyas >>> http://jayunit100.blogspot.com > > -- > CONFIDENTIALITY NOTICE > NOTICE: This message is intended for the use of the individual or entity to > which it is addressed and may contain information that is confidential, > privileged and exempt from disclosure under applicable law. If the reader > of this message is not the intended recipient, you are hereby notified that > any printing, copying, dissemination, distribution, disclosure or > forwarding of this communication is strictly prohibited. If you have > received this communication in error, please contact the sender immediately > and delete it from your system. Thank You.
