[37567] in Kerberos
RE: Hadoop-Kerberos aunthentication flow
daemon@ATHENA.MIT.EDU (Mirkar, Shahezad)
Tue Jul 12 13:02:44 2016
From: "Mirkar, Shahezad" <Shahezad_Mirkar@bmc.com>
To: Aneela Saleem <aneela@platalytics.com>,
"kerberos@mit.edu"
<kerberos@mit.edu>
Date: Tue, 12 Jul 2016 17:02:22 +0000
Message-ID: <3e2f7b9e358844a5bfc5256b9c071319@hou-exmbprd-03.adprod.bmc.com>
In-Reply-To: <CAC1K3K8JpJDcQSDKvwOPmUZmC3VeqD=nGmvv6GVhfCciJeLocw@mail.gmail.com>
Content-Language: en-US
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Hi,
It seems image is filtered can you send it again?
Thanks and Regards,
Shahezad Mirkar
-----Original Message-----
From: kerberos-bounces@mit.edu [mailto:kerberos-bounces@mit.edu] On Behalf Of Aneela Saleem
Sent: 12 July 2016 17:50
To: kerberos@mit.edu
Subject: Hadoop-Kerberos aunthentication flow
Hi all,
I have configured Kerberos with Hadoop. I'm facing difficulty in mapping the Kerberos architecture and whole flow of authentication to my application. Following is my usecase:
We have a web application that calls backend services, which communicates with Hadoop ecosystem internally. Now i don't have clear idea how the kerberos aunthentication will take place, where the tokens will be stored i.e., whether client-side or server side. How the credential cache would be managed,when two or more users access the application and access hadoop, because when we do kinit the old credential cache is replaced by the new one. What would be the complete flow?
Please see the attached image.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
