Java Client For Secure Hbase Java Client For Secure Hbase hadoop hadoop

Java Client For Secure Hbase


java security hadoop hbase kerberos

The above works nicely, but I've seen a lot of folks struggle with setting all of the right properties in the Configuration object. There's no de-facto list that I've found of exactly what you need and don't need and it is painfully dependent on your cluster configuration.

The surefire way is to have a copy of your HBase configurations in your classpath, since your client can be anywhere as you mentioned. Then you can add the resources to your object without having to specify all properties.

Configuration conf = HBaseConfiguration.create();conf.addResource("core-site.xml");conf.addResource("hbase-site.xml");conf.addResource("hdfs-site.xml");

Here were some sources to back this approach:IBM,Scalding (Scala)

Also note that this approach doesn't limit you to actually use the internal Zookeeper principal and keytab, i.e. you can create keytabs for applications or Active Directory users and leave the internally generated keytabs for the daemons to authenticate amongst themselves.

java security hadoop hbase kerberos

Not sure if you still need help. I think setting the "hadoop.security.authentication" property is missing from your snippet.

I am using following code snippet to connect to secure HBase (on CDH5). You can give a try.

config.set("hbase.zookeeper.quorum", zookeeperHosts);config.set("hbase.zookeeper.property.clientPort", zookeeperPort);config.set("hadoop.security.authentication", "kerberos");config.set("hbase.security.authentication", "kerberos");config.set("hbase.master.kerberos.principal", HBASE_MASTER_PRINCIPAL);config.set("hbase.regionserver.kerberos.principal", HBASE_RS_PRINCIPAL);UserGroupInformation.setConfiguration(config);UserGroupInformation.loginUserFromKeytab(ZOOKEEPER_PRINCIPAL,ZOOKEEPER_KEYTAB);HBaseAdmin admins = new HBaseAdmin(config);TableName[] tables  = admins.listTableNames();for(TableName table: tables){    System.out.println(table.toString());}

java security hadoop hbase kerberos 

in Jdk 1.8, you need set "System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");"config.set("hbase.zookeeper.quorum", zookeeperHosts);config.set("hbase.zookeeper.property.clientPort", zookeeperPort);config.set("hadoop.security.authentication", "kerberos");config.set("hbase.security.authentication", "kerberos");config.set("hbase.master.kerberos.principal", HBASE_MASTER_PRINCIPAL);config.set("hbase.regionserver.kerberos.principal", HBASE_RS_PRINCIPAL);System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");UserGroupInformation.setConfiguration(config);UserGroupInformation.loginUserFromKeytab(ZOOKEEPER_PRINCIPAL,ZOOKEEPER_KEYTAB);HBaseAdmin admins = new HBaseAdmin(config);TableName[] tables  = admins.listTableNames();for(TableName table: tables){    System.out.println(table.toString());}quote:http://hbase.apache.org/book.html#trouble.client question: 142.9

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last