[AMBARI-5011] Security Wizard: enable Kerberos setup for Falcon - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 1.5.0
Fix Version/s: 1.5.0
Component/s: ambari-web
Labels:
None

Description

To enable security we need add following properties to falcon-startup.properties:

"*.falcon.http.authentication.kerberos.principal":"HTTP/_HOST@EXAMPLE.COM"
"*.falcon.http.authentication.kerberos.keytab":"/etc/security/keytabs/spnego.service.keytab"
"*.falcon.service.authentication.kerberos.principal":"falcon/_HOST@EXAMPLE.COM"
"*.falcon.service.authentication.kerberos.keytab":"/etc/security/keytabs/falcon.service.keytab"
"*.dfs.namenode.kerberos.principal":"nn/_HOST@EXAMPLE.COM"
"*.falcon.http.authentication.type":"kerberos"
"*.falcon.authentication.type":"kerberos"

Also, we need to add

<properties>
	<property name="dfs.namenode.kerberos.principal" value="nn/_HOST@EXAMPLE.COM" />
</properties>

in cluster definition to make it works in secured mode.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

AMBARI-5011_2.patch
11/Mar/14 22:01
0.7 kB
Jaimin Jetly
AMBARI-5011.patch
11/Mar/14 02:22
65 kB
Jaimin Jetly

Issue Links

is related to

AMBARI-5012 Security Wizard: Verify Falcon service works with Kerberos envirnonment.

Resolved

Activity

People

Assignee:: Jaimin Jetly

Reporter:: Jaimin Jetly

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 11/Mar/14 02:21

Updated:: 11/Mar/14 23:33

Resolved:: 11/Mar/14 23:33