[jira] [Commented] (HADOOP-19060) Support hadoop client authentication through keytab configuration.

Thu, 21 Mar 2024 20:21:03 -0700 


    [ 
https://issues.apache.org/jira/browse/HADOOP-19060?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17829731#comment-17829731
 ] 

ASF GitHub Bot commented on HADOOP-19060:
-----------------------------------------

huangzhaobo99 commented on PR #6516:
URL: https://github.com/apache/hadoop/pull/6516#issuecomment-2014275071

   Can anyone help review it? Thanks.
   
   Hi @tasanuma @Hexiaoqiao @zhangshuyan0 @slfan1989,
   Please kindly review this PR as well if you have bandwidth, Thanks.




> Support hadoop client authentication through keytab configuration.
> ------------------------------------------------------------------
>
>                 Key: HADOOP-19060
>                 URL: https://issues.apache.org/jira/browse/HADOOP-19060
>             Project: Hadoop Common
>          Issue Type: New Feature
>            Reporter: Zhaobo Huang
>            Assignee: Zhaobo Huang
>            Priority: Minor
>              Labels: pull-request-available
>
> *Shield references to {{UserGroupInformation}} Class.*
> The current HDFS client keytab authentication code is as follows:
> {code:java}
> Configuration conf = new Configuration();
> conf.addResource(new 
> Path("/usr/local/service/hadoop/etc/hadoop/hdfs-site.xml"));
> conf.addResource(new 
> Path("/usr/local/service/hadoop/etc/hadoop/core-site.xml"));
> UserGroupInformation.setConfiguration(conf);
> UserGroupInformation.loginUserFromKeytab("foo", "/var/krb5kdc/foo.keytab");
> FileSystem fileSystem = FileSystem.get(conf);
> FileStatus[] fileStatus = fileSystem.listStatus(new Path("/"));
> for (FileStatus status : fileStatus) {
>     System.out.println(status.getPath());
> } {code}
> This feature supports configuring keytab information in core-site.xml or hdfs 
> site.xml. The authentication code is as follows:
> {code:java}
> Configuration conf = new Configuration();
> conf.addResource(new 
> Path("/usr/local/service/hadoop/etc/hadoop/hdfs-site.xml"));
> conf.addResource(new 
> Path("/usr/local/service/hadoop/etc/hadoop/core-site.xml"));
> FileSystem fileSystem = FileSystem.get(conf);
> FileStatus[] fileStatus = fileSystem.listStatus(new Path("/"));
> for (FileStatus status : fileStatus) {
>     System.out.println(status.getPath());
> } {code}
> The config of core-site.xml related to authentication is as follows:
> {code:java}
> <configuration>
>     <property>
>         <name>hadoop.security.authentication</name>
>         <value>kerberos</value>
>     </property>
>     <property>
>         <name>hadoop.client.keytab.principal</name>
>         <value>foo</value>
>     </property>
>     <property>
>         <name>hadoop.client.keytab.file.path</name>
>         <value>/var/krb5kdc/foo.keytab</value>
>     </property>
> </configuration> {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to