-
Notifications
You must be signed in to change notification settings - Fork 504
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
support hbase enable kerberos authentication #1234
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for contributing, there are some minor comments:
- The PR title is expected to be more clear, like "support hbase enable kerberos authentication".
- And "implement hbase作为backend是否支持开启kerberos认证? #1227" to commit message.
- Some inline comments.
hugegraph-hbase/src/main/java/com/baidu/hugegraph/backend/store/hbase/HbaseSessions.java
Outdated
Show resolved
Hide resolved
hugegraph-hbase/src/main/java/com/baidu/hugegraph/backend/store/hbase/HbaseSessions.java
Outdated
Show resolved
Hide resolved
hugegraph-hbase/src/main/java/com/baidu/hugegraph/backend/store/hbase/HbaseOptions.java
Outdated
Show resolved
Hide resolved
hugegraph-hbase/src/main/java/com/baidu/hugegraph/backend/store/hbase/HbaseOptions.java
Outdated
Show resolved
Hide resolved
support hbase enable kerberos authentication.add configs as follows: hbase.kerberos.enable, default value:false hbase.krb5.conf,default value:/etc/krb5.conf hbase.kerberos.principal,default value:"" hbase.kerberos.keytab,default value:""
Codecov Report
@@ Coverage Diff @@
## master #1234 +/- ##
============================================
- Coverage 65.13% 65.12% -0.02%
Complexity 5758 5758
============================================
Files 366 366
Lines 29910 29926 +16
Branches 4223 4224 +1
============================================
+ Hits 19483 19490 +7
- Misses 8447 8455 +8
- Partials 1980 1981 +1
Continue to review full report at Codecov.
|
6eba0f9
to
7bfcb12
Compare
hConfig = HBaseConfiguration.create(); | ||
String principal = config.get(HbaseOptions.HBASE_KERBEROS_PRINCIPAL); | ||
String keyTab = config.get(HbaseOptions.HBASE_KERBEROS_KEYTAB); | ||
hConfig.set("hadoop.security.authentication", "kerberos"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
add hConfig.set("hadoop.security.authorization", "true");
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's not a legal argument. After setting,program reports exception ,as follows:
Exception in thread "main" java.lang.IllegalArgumentException: Invalid attribute value for hadoop.security.authentication of true
at org.apache.hadoop.security.SecurityUtil.getAuthenticationMethod(SecurityUtil.java:609)
at org.apache.hadoop.security.UserGroupInformation.initialize(UserGroupInformation.java:272)
at org.apache.hadoop.security.UserGroupInformation.setConfiguration(UserGroupInformation.java:311)
Configuration hConfig = null; | ||
if(isEnableKerberos) { | ||
String krb5Conf = config.get(HbaseOptions.HBASE_KRB5_CONF); | ||
System.setProperty("java.security.krb5.conf", krb5Conf); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
remove this line if possible.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
which line need to remove?pls tell me line num.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@houzhizhen It seems that setting this environment java.security.krb5.conf
is the best way, see Locating the krb5.conf Configuration File
hugegraph-hbase/src/main/java/com/baidu/hugegraph/backend/store/hbase/HbaseSessions.java
Show resolved
Hide resolved
Configuration hConfig = null; | ||
if(isEnableKerberos) { | ||
String krb5Conf = config.get(HbaseOptions.HBASE_KRB5_CONF); | ||
System.setProperty("java.security.krb5.conf", krb5Conf); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@houzhizhen It seems that setting this environment java.security.krb5.conf
is the best way, see Locating the krb5.conf Configuration File
09a1794
to
03c8a1f
Compare
support hbase enable kerberos authentication. add configs as follows: - hbase.kerberos.enable, default value:false - hbase.krb5.conf,default value:/etc/krb5.conf - hbase.kerberos.principal,default value:"" - hbase.kerberos.keytab,default value:"" * implement apache#1227
support hbase enable kerberos authentication.
add configs as follows: