Database Reference
In-Depth Information
5.
Copy the
keytab
ile to the
conf
directory of all the HBase server host and
make the
hbase
user as the owner of the
keytab
ile with the read only
permissions. Add the following entries to the
hbase-site.xml
coniguration
ile on all of the cluster hosts running the HBase:
<property> <name>hbase.regionserver.kerberos.principal
</name>
<value>hbase/_HOST@YOUR-REALM.COM</value>
</property>
<property>
<name>hbase.regionserver.keytab.file</name>
<value>/etc/hbase/conf/hbase.keytab</value>
</property>
<property>
<name>hbase.master.kerberos.principal</name>
<value>hbase/_HOST@YOUR-REALM.COM</value>
</property>
<property>
<name>hbase.master.keytab.file</name>
<value>/etc/hbase/conf/hbase.keytab</value>
</property>
Enabling authorization
Perform the following steps to enable authorization:
1.
Add the following property to
hbase-site.xml
on every HBase server host
(Master or RegionServer) as follows:
<property>
<name>hbase.security.authorization</name>
<value>true</value>
</property>
<property>
<name>hbase.coprocessor.master.classes</name> <value>org.
apache.hadoop.hbase.security.access.AccessController</value>
</property>
<property>
<name>hbase.coprocessor.region.classes</name> <value>org.
apache.hadoop.hbase.security.token.TokenProvider,org.apache.
hadoop.hbase.security.access.AccessController
</value>
</property>