Hadoop-Kerberos aunthentication flow

Aneela Saleem aneela at platalytics.com
Tue Jul 12 13:40:04 EDT 2016


Here is the link
<https://drive.google.com/file/d/0BytQ11DT_A8HUjhIcUU2bm1PSlU/view?usp=sharing>

On Tue, Jul 12, 2016 at 10:15 PM, Tom Yu <tlyu at mit.edu> wrote:

> This list forbids image attachments.  Please post it on the web
> somewhere and send a link in your email.
>
> Thanks,
> -Tom
>
> "Mirkar, Shahezad" <Shahezad_Mirkar at bmc.com> writes:
>
> > Hi,
> >
> > It seems image is filtered can you send it again?
> >
> > Thanks and Regards,
> > Shahezad Mirkar
> >
> > -----Original Message-----
> > From: kerberos-bounces at mit.edu [mailto:kerberos-bounces at mit.edu] On
> Behalf Of Aneela Saleem
> > Sent: 12 July 2016 17:50
> > To: kerberos at mit.edu
> > Subject: Hadoop-Kerberos aunthentication flow
> >
> > Hi all,
> >
> > I have configured Kerberos with Hadoop. I'm facing difficulty in mapping
> the Kerberos architecture and whole flow of authentication to my
> application. Following is my usecase:
> >
> > We have a web application that calls backend services, which
> communicates with Hadoop ecosystem internally. Now i don't have clear idea
> how the kerberos aunthentication will take place, where the tokens will be
> stored i.e., whether client-side or server side. How the credential cache
> would be managed,when two or more users access the application and access
> hadoop, because when we do kinit the old credential cache is replaced by
> the new one. What would be the complete flow?
> >
> > Please see the attached image.
> >
> > ________________________________________________
> > Kerberos mailing list           Kerberos at mit.edu
> > https://mailman.mit.edu/mailman/listinfo/kerberos
>


More information about the Kerberos mailing list