Is there a way to limit the # of connections per user? We are having to respond to security guidelines for databases and they have the desire the max # of connections for each user (we're using Kerberos and AD) to avoid DDOS attacks.
FYI, if there is a place to hook some Java code into HBase as a coprocessor or some other mechanism, we're willing to take it on. Our customer stops short of us monkeying with the actual HBase/Phoenix code base (we are using Phoenix on top of HBase).
For a kerberized environment when an authorized user/application grabs a ticket the default lifetime is configurable in /etc/krb5.conf usually ticket_lifetime = 24h, but note should be taken that this ticket is renewed automatically as long as there is a job running previously. Kerberos won't expire the ticket which would lead to the job to fail.
I don't know id AD has a mechanism to timeout idle connections but most databases have a configurable session timeout.
Can you be more specific on the databases.
It's less a matter of ticket timeout and more restricting the same user for creating lots of sessions. I'm looking into custom ranger plugins which looks promising.
Starting Hive 3 we have following properties to limit the number of connections