[ https://issues.apache.org/jira/browse/RANGER-686?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14948906#comment-14948906
]
Don Bosco Durai commented on RANGER-686:
----------------------------------------
>We would have to deal with ranger HA deployments, i.e. when a keytab is uploaded it would
have to be made available on all hosts running ranger-admin.
[~aloklal99], it is pretty standard in Hadoop to generate host specific keytabs for the services.
Keytabs used by Ranger service won't be different.
> Allow specifying keytabs in Ranger repositories
> -----------------------------------------------
>
> Key: RANGER-686
> URL: https://issues.apache.org/jira/browse/RANGER-686
> Project: Ranger
> Issue Type: New Feature
> Reporter: Velmurugan Periasamy
> Assignee: Gautam Borad
> Fix For: 0.6.0
>
>
> PROBLEM: Currently you have to specify a principal and password when configuring Ranger
repositories. It would be useful to allow specifying a principal and keytab instead of password
for authenticating the lookup-client user.
> USE CASE: Sites which have regular password expiration will experience the lookup clients
fail routinely. Also specifying keytab instead of password is considered a best practice.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
|