Hey Haohui, Thanks for responding. I understand that I can disable security. I am wondering if I should in this situation. Or to turn the question around: is there a significant benefit to turning security on here? On Jan 21, 2014 8:26 PM, "Haohui Mai" <h...@hortonworks.com> wrote:
> Hi Koert, > > I'm wondering what is the end-to-end goal you want to achieve. > > You can disable security in Hadoop, where the cluster does not perform > additional authentication. Obviously you can go without kerberos in this > case and protect your clusters with other measures you've mentioned. > > Alternatively, you can enable security without kerberos by plugging in > your own authentication filter. > > ~Haohui > > > > > On Tue, Jan 21, 2014 at 4:45 PM, Koert Kuipers <ko...@tresata.com> wrote: > >> i understand kerberos is used on hadoop to provide security in a >> multi-user environment, and i can totally see its usage for a shared >> cluster within a company to make sure sensitive data for one department is >> safe from prying eyes of another department. >> >> but for a hadoop cluster that sits "behind" a bunch of web servers to do >> say log analysis, and that already is protected by standard measures (no >> route to cluster from outside, so a web server would have to get >> compromised to gain access), is there any value in securing it with >> kerberos? does anyone do that? >> > > > CONFIDENTIALITY NOTICE > NOTICE: This message is intended for the use of the individual or entity > to which it is addressed and may contain information that is confidential, > privileged and exempt from disclosure under applicable law. If the reader > of this message is not the intended recipient, you are hereby notified that > any printing, copying, dissemination, distribution, disclosure or > forwarding of this communication is strictly prohibited. If you have > received this communication in error, please contact the sender immediately > and delete it from your system. Thank You.
