[AMBARI-18365] Add Ambari configuration options to support Kerberos token authentication - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.5.0
Fix Version/s: 2.5.0
Component/s: ambari-server
Labels:

Epic Link:
Ambari authentication with Kerberos token

Description

Add the followng Ambari configuration options to support Kerberos token authentication

authentication.kerberos.enabled
- Determines whether to use Kerberos (SPNEGO) authentication when connecting Ambari: true to enable this feature; false, otherwise
authentication.kerberos.spnego.principal
- The Kerberos principal name to use when verifying user-supplied Kerberos tokens for authentication via SPNEGO
authentication.kerberos.spnego.keytab.file
- The Kerberos keytab file to use when verifying user-supplied Kerberos tokens for authentication via SPNEGO
authentication.kerberos.user.types
- A comma-delimited (ordered) list of preferred user types to use when finding the Ambari user account for the user-supplied Kerberos identity during authentication via SPNEGO
authentication.kerberos.auth_to_local.rules
- The auth-to-local rules set to use when translating a user's principal name to a local user name during authentication via SPNEGO.

NOTE: These properties are in the ambari.properties file since this feature may be enabled whether the rest of the cluster has Kerberos enabled or not.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

AMBARI-18365_branch-2.5_01.patch
12/Sep/16 20:30
28 kB
Robert Levas
AMBARI-18365_branch-2.5_02.patch
13/Sep/16 20:42
31 kB
Robert Levas
AMBARI-18365_trunk_01.patch
12/Sep/16 20:30
28 kB
Robert Levas
AMBARI-18365_trunk_02.patch
13/Sep/16 20:42
31 kB
Robert Levas

Issue Links

links to

ReviewBoard

Activity

People

Assignee:: Robert Levas

Reporter:: Robert Levas

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 12/Sep/16 18:29

Updated:: 21/Oct/16 21:26

Resolved:: 14/Sep/16 15:14