You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ambari.apache.org by "Jaimin D Jetly (JIRA)" <ji...@apache.org> on 2014/10/23 04:30:33 UTC
[jira] [Assigned] (AMBARI-7799) Add Knox kerberos setup to the
existing Ambari security capabilities
[ https://issues.apache.org/jira/browse/AMBARI-7799?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jaimin D Jetly reassigned AMBARI-7799:
--------------------------------------
Assignee: Jaimin D Jetly
> Add Knox kerberos setup to the existing Ambari security capabilities
> --------------------------------------------------------------------
>
> Key: AMBARI-7799
> URL: https://issues.apache.org/jira/browse/AMBARI-7799
> Project: Ambari
> Issue Type: Task
> Components: stacks
> Affects Versions: 1.7.0
> Reporter: Sumit Gupta
> Assignee: Jaimin D Jetly
> Fix For: 1.7.0
>
> Attachments: AMBARI-7799.patch, AMBARI-7799_branch-1.7.0.patch
>
>
> Documentation for setting up Knox to use kerberos can be found here:
> http://knox.apache.org/books/knox-0-5-0/knox-0-5-0.html#Secure+Clusters
> To summarize some of the things that need to be done besides the keytab creation:
> 1. the krb5 conf files need to be created and templated to work with the cluster setup.
> 2. gateway-site.xml needs to be modified to enable security and point to the krb5 conf files
> 3. Other services that Knox is configured to work with may also need some configuration changes. Specifically, core-site.xml, webhcat-site.xml and oozie-site.xml all need to be modified to setup Knox as a trusted proxy
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)