Uploaded image for project: 'Ambari (Retired)'
  1. Ambari (Retired)
  2. AMBARI-18365

Add Ambari configuration options to support Kerberos token authentication

    XMLWordPrintableJSON

Details

    Description

      Add the followng Ambari configuration options to support Kerberos token authentication

      • authentication.kerberos.enabled
        • Determines whether to use Kerberos (SPNEGO) authentication when connecting Ambari: true to enable this feature; false, otherwise
      • authentication.kerberos.spnego.principal
        • The Kerberos principal name to use when verifying user-supplied Kerberos tokens for authentication via SPNEGO
      • authentication.kerberos.spnego.keytab.file
        • The Kerberos keytab file to use when verifying user-supplied Kerberos tokens for authentication via SPNEGO
      • authentication.kerberos.user.types
        • A comma-delimited (ordered) list of preferred user types to use when finding the Ambari user account for the user-supplied Kerberos identity during authentication via SPNEGO
      • authentication.kerberos.auth_to_local.rules
        • The auth-to-local rules set to use when translating a user's principal name to a local user name during authentication via SPNEGO.

      NOTE: These properties are in the ambari.properties file since this feature may be enabled whether the rest of the cluster has Kerberos enabled or not.

      Attachments

        1. AMBARI-18365_branch-2.5_01.patch
          28 kB
          Robert Levas
        2. AMBARI-18365_branch-2.5_02.patch
          31 kB
          Robert Levas
        3. AMBARI-18365_trunk_01.patch
          28 kB
          Robert Levas
        4. AMBARI-18365_trunk_02.patch
          31 kB
          Robert Levas

        Issue Links

          Activity

            People

              rlevas Robert Levas
              rlevas Robert Levas
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: