How to manage users in Oracleto BDA using kerberos authentication

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

setup kerbros for a user
Note: Make sure to run enable the service on Solaris client

Extend the time to 1460d (4 years)

Update on how to create a service or krb ticket

Modify to allow 7 day renew expire ticket

Manuel add crypt types to add a krb ticket

In order for you to connect with kerbros you will need to configure your local (client) to get a krb ticket this includes using a keytab file.

Depending on the OS (source system coming from), please send me the host names so I can just add the below config to the krb.conf file.
Below is the krb5.conf config, if its a Solaris client I will just add it if its a windows client wil have to see what tools to use to get a ticket.

now as the user you connect you need to checkout a krb ticket

Once complete you can now issue any curl commends on the bda

Then use the token to upload to any-node

A bit more of a manual example is first getting the delegation/location, then use that

# Use the delegation/location above to final upload

# Or do it in one step, but use the active namenode
# Example 2 Uses the NameNode port 50070

In one step using the namenode

References
keytab Reference
https://kb.iu.edu/d/aumh
kerberos delegation
http://www.adaltas.com/blog/2013/09/25/webhdfs-security-kerberos-delegation-tokens/

Leave a Reply

avatar
  Subscribe  
Notify of