support hbase enable kerberos authentication #1234
Conversation
There was a problem hiding this comment.
Thanks for contributing, there are some minor comments:
- The PR title is expected to be more clear, like "support hbase enable kerberos authentication".
- And "implement hbase作为backend是否支持开启kerberos认证? #1227" to commit message.
- Some inline comments.
hugegraph-hbase/src/main/java/com/baidu/hugegraph/backend/store/hbase/HbaseSessions.java
Outdated
Show resolved
Hide resolved
hugegraph-hbase/src/main/java/com/baidu/hugegraph/backend/store/hbase/HbaseSessions.java
Outdated
Show resolved
Hide resolved
hugegraph-hbase/src/main/java/com/baidu/hugegraph/backend/store/hbase/HbaseOptions.java
Outdated
Show resolved
Hide resolved
hugegraph-hbase/src/main/java/com/baidu/hugegraph/backend/store/hbase/HbaseOptions.java
Outdated
Show resolved
Hide resolved
support hbase enable kerberos authentication.add configs as follows: hbase.kerberos.enable, default value:false hbase.krb5.conf,default value:/etc/krb5.conf hbase.kerberos.principal,default value:"" hbase.kerberos.keytab,default value:""
Codecov Report
@@ Coverage Diff @@
## master #1234 +/- ##
============================================
- Coverage 65.13% 65.12% -0.02%
Complexity 5758 5758
============================================
Files 366 366
Lines 29910 29926 +16
Branches 4223 4224 +1
============================================
+ Hits 19483 19490 +7
- Misses 8447 8455 +8
- Partials 1980 1981 +1
Continue to review full report at Codecov.
|
tmljob
force-pushed
the
hbase-kerberos
branch
from
6eba0f9
to
7bfcb12
Compare
| hConfig = HBaseConfiguration.create(); | ||
| String principal = config.get(HbaseOptions.HBASE_KERBEROS_PRINCIPAL); | ||
| String keyTab = config.get(HbaseOptions.HBASE_KERBEROS_KEYTAB); | ||
| hConfig.set("hadoop.security.authentication", "kerberos"); |
There was a problem hiding this comment.
add hConfig.set("hadoop.security.authorization", "true");
There was a problem hiding this comment.
It's not a legal argument. After setting,program reports exception ,as follows:
Exception in thread "main" java.lang.IllegalArgumentException: Invalid attribute value for hadoop.security.authentication of true
at org.apache.hadoop.security.SecurityUtil.getAuthenticationMethod(SecurityUtil.java:609)
at org.apache.hadoop.security.UserGroupInformation.initialize(UserGroupInformation.java:272)
at org.apache.hadoop.security.UserGroupInformation.setConfiguration(UserGroupInformation.java:311)
| Configuration hConfig = null; | ||
| if(isEnableKerberos) { | ||
| String krb5Conf = config.get(HbaseOptions.HBASE_KRB5_CONF); | ||
| System.setProperty("java.security.krb5.conf", krb5Conf); |
There was a problem hiding this comment.
remove this line if possible.
There was a problem hiding this comment.
which line need to remove?pls tell me line num.
There was a problem hiding this comment.
@houzhizhen It seems that setting this environment java.security.krb5.conf is the best way, see Locating the krb5.conf Configuration File
hugegraph-hbase/src/main/java/com/baidu/hugegraph/backend/store/hbase/HbaseSessions.java
Show resolved
Hide resolved
| Configuration hConfig = null; | ||
| if(isEnableKerberos) { | ||
| String krb5Conf = config.get(HbaseOptions.HBASE_KRB5_CONF); | ||
| System.setProperty("java.security.krb5.conf", krb5Conf); |
There was a problem hiding this comment.
@houzhizhen It seems that setting this environment java.security.krb5.conf is the best way, see Locating the krb5.conf Configuration File
tmljob
force-pushed
the
hbase-kerberos
branch
from
09a1794
to
03c8a1f
Compare
support hbase enable kerberos authentication. add configs as follows: - hbase.kerberos.enable, default value:false - hbase.krb5.conf,default value:/etc/krb5.conf - hbase.kerberos.principal,default value:"" - hbase.kerberos.keytab,default value:"" * implement apache#1227
support hbase enable kerberos authentication.
add configs as follows: