Re: do not want to pass username-password in curl command

Wed, 27 May 2015 16:34:45 -0700 

>
> Hi Prateek -
>
> This is a usecase that I see as part of our ongoing work for SSO.
> We would have to fully articulate your usecase here though.
> Curl isn't generally the type of client that I would imagine using an
> APPID and Key with.
>
> What actually works well for curl are things like kerberos.
> Something where you login and curl takes care of the peer authentication
> for you.
>
> We do have an authentication provider or Hadoop Auth - which would buy you
> SPNEGO based authentication.
> There are issues with using it to access some services such as WebHDFS
> currently - these are situations where a browser redirect is used to go
> from a master like NameNode to a slave like DataNode.
>
> It may work for you for HBase through Stargate.
>
> The general use would be:
>
> * kinit to login as your user
> * issue curl commands like:
>   curl -ik --negotiate -H "Accept: text/xml" -X GET '
> https://192.168.44.11:8443/gateway/sandbox/hbase'
>
> If this is something that would meet your needs then we would be
> interested in your experiences testing it out.
>
> If you don't have a secure cluster and kerberos then it won't likely be
> something that you want to add just for curl access through Knox.
>
> I have plans in the back of my mind for acquiring a token and storing it
> in a permissions protected file and accessing it from curl to populate an
> HTTP Header for similar types of usecases. This would still require you to
> provide your username and password to Knox in order to get the token up
> front though.
>
> So, again, we would be interested in more details of your usecase and
> would certainly welcome any help in meeting your requirements as well!
>
> thanks,
>
> --larry
>
> On Wed, May 27, 2015 at 7:05 PM, prateek arora <[email protected]
> > wrote:
>
>> Hi
>>
>> I am using below command to access hadoop service.
>>
>>    curl -ik -u guest:guest-password -H "Accept: text/xml" -X GET '
>> https://192.168.44.11:8443/gateway/sandbox/hbase'
>>
>>
>> i do not want to pass username and password over the network.
>>
>> so is there any mechanism  so i can pass some tokens or api-key so i can
>> hide user-name and password .
>>
>> Regards
>> Prateek
>>
>
>

Reply via email to