一、hive主动登录
// 设置jvm启动时krb5的读取路径参数
System.setProperty(“java.security.krb5.conf”, propertie.getProperty(“kerberos.krb5.path”));
if(configuration == null){
configuration = new Configuration();
}
configuration.set(“hadoop.security.authentication”, “Kerberos”);
String principal = properties.getProperty(“hive.kerberos.principal”);
String keytabPath = properties.getProperty(“hive.kerberos.keytab.path”);
UserGroupInformation.setConfiguration(configuration);
try {
UserGroupInformation.loginUserFromKeytab(principal, keytabPath);
} catch (IOException e) {
e.printStackTrace();
System.exit(1);
}
LOG.info(“********** Hive Succeeded in authenticating through Kerberos! **********”);
}
二、hbase
//hbase启动kerberos认证
if(“1”.equals(enableKerberosAuth)){
String principal = properties.getProperty(“hbase.kerberos.principal”);
String keytabPath = properties.getProperty(“hbase.kerberos.keytab.path”);
String dynamicPrincipalMaster = properties.getProperty(“hbase.master.kerberos.principal”);
String dynamicPrincipalReg = properties.getProperty(“hbase.regionserver.kerberos.principal”);
//hbase的配置信息
configuration.set(“hadoop.security.authentication”, “Kerberos”);
configuration.set(“hbase.security.authentication”,”Kerberos”);
configuration.set(“hbase.master.kerberos.principal”, dynamicPrincipalMaster);
configuration.set(“hbase.regionserver.kerberos.principal”, dynamicPrincipalReg);
/*configuration.set(“hbase.rpc.engine”, “org.apache.hadoop.hbase.ipc.SecureRpcEngine”);
configuration.set(“kerberos.principal”, dynamicPrincipal);
configuration.set(“hbase.regionserver.keytab.file”, keytabPath);*/
UserGroupInformation.setConfiguration(configuration);
try {
UserGroupInformation.loginUserFromKeytab(principal, keytabPath);
} catch (IOException e) {
e.printStackTrace();
System.exit(1);
}
LOG.info(“********** HBase Succeeded in authenticating through Kerberos! **********”);
}else{ //hbase不启动kerberos认证
}
三、yarn
//yarn的配置
String dynamicPrincipalYarn = properties.getProperty(“yarn.kerberos.resourcemanager.principal”);
configuration.set(“yarn.resourcemanager.principal”, dynamicPrincipalYarn);
//conf.set(“yarn.resourcemanager.keytab”, param.getKeytabPosition());
//conf.set(“yarn.nodemanager.keytab”, param.getKeytabPosition());
//conf.set(“yarn.nodemanager.principal”, param.getKerberousPrincipal());
//conf.set(“yarn.nodemanager.container-executor.class”, “org.apache.hadoop.yarn.server.nodemanager.LinuxContainerExecutor”);
//conf.set(“yarn.nodemanager.linux-container-executor.group”, “yarn”);