Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
AntsDB can work with three different security mechanisms.
- Unsecured: user can login with any user name and password. The unsecured mode is suitable for development environment where simplicity overweights security. It is the default mode.
- Native security: user name and password are managed by AntsDB. Only authenticated user can log into the database. This security mode is identical to MySQL Native Authentication. Password is hashed using SHA-1 algorithm.
- Kerberos: user name and password are managed by an external Kerberos authentication server under this mode.
To enable native security in AntsDB, follow the steps below
set permanent global antsdb_auth_plugin = 'mysql_native_password'to enable native authentication
create user '<username>' identified by '<password>'to add user to the system
drop user '<username>'to remove user from the system
- run 'alter user '' identified by ''` to change password
set permanent global antsdb_auth_plugin = ''to disable native authentication
AntsDB inherits the security model from Hadoop. It uses Kerberos protocol and the same Authentication Server as configured in the Hadoop cluster. To enable security, the following settings must be set in the configuration file
krb_realm: name of the Kerberos realm
krb_kdc: name of the Kerberos KDC
krb_jaas: location of the Java JAAS configuration file
AntsDB also supports encryption as part of the MySQL network protocol. The following settings must be set in order to enable SSL encryption
ssl.key_file: location of the SSL key file