We have an application that interfaces directly to HDFS and YARN (no
MapReduce). It does not currently support any Hadoop security other than the
insecure "trust the client" defaults. I've been doing some reading about
Hadoop security, but it mostly assumes that applications will be MapReduce.
For a "native" YARN/HDFS application, what changes if any must be made to the
API calls to support Kerberos or other authentication? Does it just happen
automatically at the OS level using the authenticated user ID of the process?
If there's a good reference I'd appreciate it.
john
