Cloudera Community

Archives of Support Questions (Read Only)

This is an archived board for historical reference. Information and links may no longer be available or relevant
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
This board is archived and read-only for historical reference. To ask a new question, please post a new topic on the appropriate active board.
Solved Go to solution

Can there be 2 Authentication Provider in 1 Knox Topology?

Labels:
avatar
author-rank hkropp
Super Collaborator

Created ‎04-11-2016 02:40 PM

Can I configure two authentication provider for Knox and if how would that work?

2,897 Views
1 ACCEPTED SOLUTION

avatar
author-rank pminovic author-rank
Master Guru

Created ‎04-11-2016 03:20 PM

As far as I know, up to Knox-0.6 (currently used in HDP) there can be only one Auth. provider per topology. Last time when I faced such a requirement I created two topologies, one for each Auth. provider.

Edit: KNOX-236 is going to provide such a feature but "in the future".

View solution in original post

2,624 Views
2 REPLIES 2

avatar
author-rank pminovic author-rank
Master Guru

Created ‎04-11-2016 03:20 PM

As far as I know, up to Knox-0.6 (currently used in HDP) there can be only one Auth. provider per topology. Last time when I faced such a requirement I created two topologies, one for each Auth. provider.

Edit: KNOX-236 is going to provide such a feature but "in the future".

2,625 Views

avatar
author-rank kevin_minder
Guru

Created ‎04-11-2016 03:23 PM

It is technically possible to have more than one authentication provider in a given topology but the result is unlikely to be what is expected. The first reason might be that all but one of them is enabled=false so that there is in effect only one. The other possibility is that a given custom service in a topology requires a specific authentication provider implementation. In this case the first enabled authentication provider in the topology would be the default and the custom service would identify a specific authentication provide by role and name in its service.xml file.

2,624 Views
Announcements
What's New @ Cloudera
Product Update: Cloudera Flow Management Operator for Kubern...
What's New @ Cloudera
Product Update: Cloudera Data Flow v3.1 for Cloudera on Clou...
Community Announcements
May 2026 Community Highlights
Community Announcements
Testing the tags to new post
What's New @ Cloudera
Cloudera Real time Monitoring for 7.1.9+ and 7.2.18+ with Cl...
View More Announcements