Grokbase Groups Hadoop scm-users September 2013
FAQ
Hi,

I have configured secure Hdfs and Hbase with Cloudera Manager to enable
Kerberos authorization for HDFS, hue and hbase.
I made sure REST API for WebHDFS is work successfully.
------------
[[email protected] ~]# kinit user01
Password for [email protected]:
[[email protected] ~]# curl --negotiate -u: -i "
http://dhcp149216:50070/webhdfs/v1/user/user01/samp.dat?op=open"
HTTP/1.1 401
Cache-Control: must-revalidate,no-cache,no-store
Date: Tue, 24 Sep 2013 02:20:10 GMT
Pragma: no-cache
Date: Tue, 24 Sep 2013 02:20:10 GMT
Pragma: no-cache
Content-Type: text/html; charset=iso-8859-1
WWW-Authenticate: Negotiate
Set-Cookie: hadoop.auth=;Path=/;Expires=Thu, 01-Jan-1970 00:00:00 GMT
Content-Length: 1378
Server: Jetty(6.1.26.cloudera.2)

HTTP/1.1 307 TEMPORARY_REDIRECT
Cache-Control: no-cache
Expires: Thu, 01-Jan-1970 00:00:00 GMT
Date: Tue, 24 Sep 2013 02:20:10 GMT
Pragma: no-cache
Date: Tue, 24 Sep 2013 02:20:10 GMT
Pragma: no-cache
Content-Type: application/octet-stream
Set-Cookie: hadoop.auth="u=user01&[email protected]
&t=kerberos&e=1380025210434&s=EHTlCLhBjb09oHHh8mSbapvPp6I=";Path=/
Location:
http://dhcp149216.a01.aist.go.jp:1006/webhdfs/v1/user/user01/samp.dat?op=OPEN&delegation=IAAGdXNlcjAxBnVzZXIwMQCKAUFNxEVOigFBcdDJTgcEFD1nBTkbkBcXKD5PIn8jpnn4g-goEldFQkhERlMgZGVsZWdhdGlvbhQxNTAuMjkuMTQ5LjIxNjo1MDA3MA&namenoderpcaddress=dhcp149216.a01.aist.go.jp:8020&offset=0
Content-Length: 0
Server: Jetty(6.1.26.cloudera.2)
------------

But, I found Kerberos Authentication of Hbase is not done while I access
to Hbase REST gateway.

----
[[email protected] ~]# kdestroy

[[email protected] ~]$ curl http://dhcp149216:20550/table1/schema
{ NAME=> 'table1', IS_META => 'false', IS_ROOT => 'false', COLUMNS => [ {
NAME => 'column1', BLOCKSIZE => '65536', BLOOMFILTER => 'NONE',
MIN_VERSIONS => '0', KEEP_DELETED_CELLS => 'false', ENCODE_ON_DISK =>
'true', BLOCKCACHE => 'true', COMPRESSION => 'NONE', VERSIONS => '3',
REPLICATION_SCOPE => '0', TTL => '2147483647', DATA_BLOCK_ENCODING =>
'NONE', IN_MEMORY => 'false' } ] }[[email protected] ~]$
[[email protected] ~]$ curl -X DELETE http://dhcp149216:20550/table1/schema
[[email protected] ~]$ curl -X PUT -H "Content-Type: application/json" -d
'{"@name":"table1", "ColumnSchema":[{"name":"column1"}]}'
http://dhcp149216:20550/table1/schema
[[email protected] ~]$ curl http://dhcp149216:20550/table1/schema{ NAME=>
'table1', IS_META => 'false', IS_ROOT => 'false', COLUMNS => [ { NAME =>
'column1', BLOCKSIZE => '65536', BLOOMFILTER => 'NONE', MIN_VERSIONS =>
'0', KEEP_DELETED_CELLS => 'false', ENCODE_ON_DISK => 'true', BLOCKCACHE =>
'true', COMPRESSION => 'NONE', VERSIONS => '3', REPLICATION_SCOPE => '0',
TTL => '2147483647', DATA_BLOCK_ENCODING => 'NONE', IN_MEMORY => 'false' }
] }
------
Hbase was configured for Kerberos Authentication , but it can be accessd
by anyone from anywhere, Why ?

Please advice me how to access Hbase gateway with kerberos Authentication.

[image: 埋め込み画像 1]

Thanks,

Li Li

To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].

Search Discussions

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupscm-users @
categorieshadoop
postedSep 24, '13 at 2:41a
activeSep 24, '13 at 8:49p
posts6
users3
websitecloudera.com
irc#hadoop

3 users in discussion

李黎: 4 posts Vikram Srivastava: 1 post Romain Rigaux: 1 post

Content

People

Support

Translate

site design / logo © 2023 Grokbase