Thin driver and kerberos support

[Sumit Nigam <su...@yahoo.com>]

Hello,
Currently, I connect to Phoenix driver using following string:  "jdbc:phoenix:[quorom]:[port]:[rootNode]:[principal]:[keytab]"
I also notice, that there is a reference to thin driver as - jdbc:phoenix:thin:url=<scheme>://<server-hostname>:<port>
So, should I also change the connect string to use thin? I use Phoenix 4.5.1 with Hbase 0.98.1. Is there any advantage to it?
Secondly, I am yet to try using Kerberos with 4.5.1. Would anyone have any pitfalls to avoid or does it work seamlessly?
Thanks,Sumit

Re: Thin driver and kerberos support

[Nick Dimiduk <nd...@gmail.com>]

In order to connect to a kerberos-secured cluster from the query server,
the query server must be configured to connect using the security
credentials. This means all operations performed by that query server are
performed using these credentials. See the security-related configs
mentioned in the Configuration section [0] of the online docs.

I know there's interest in improving the state of things, but I'm not up to
speed on what JIRAs have been filed in this regard.

[0]: http://phoenix.apache.org/server.html#Configuration

On Mon, Sep 14, 2015 at 10:54 PM, Sumit Nigam <su...@yahoo.com> wrote:

> Hello,
>
> Currently, I connect to Phoenix driver using following string:
>  "jdbc:phoenix:[quorom]:[port]:[rootNode]:[principal]:[keytab]"
>
> I also notice, that there is a reference to thin driver as - jdbc:phoenix:
> *thin*:url=<scheme>://<server-hostname>:<port>
>
> So, should I also change the connect string to use thin? I use Phoenix
> 4.5.1 with Hbase 0.98.1. Is there any advantage to it?
>
> Secondly, I am yet to try using Kerberos with 4.5.1. Would anyone have any
> pitfalls to avoid or does it work seamlessly?
>
> Thanks,
> Sumit
>