-
Type:
Sub-task
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: 2.3.0.0-incubating
-
Component/s: Security
-
Labels:None
When used credentials cache:
Try error password in Ranger UI doesn't destroy the existed kerberos credentials (created by last success kinit command)
It's a strange behavior to user.
So we should use user/password for kerberos authentication.
Core logic:
Properties props = new Properties(); if (connectionProperties.containsKey(AUTHENTICATION) && connectionProperties.get(AUTHENTICATION).equals(KERBEROS)) { //kerberos mode props.setProperty("kerberosServerName", connectionProperties.get("principal")); props.setProperty("jaasApplicationName", "pgjdbc"); } String url = String.format("jdbc:postgresql://%s:%s/%s", connectionProperties.get("hostname"), connectionProperties.get("port"), db); props.setProperty("user", connectionProperties.get("username")); props.setProperty("password", connectionProperties.get("password")); return DriverManager.getConnection(url, props);