Created 11-03-2017 07:31 PM
I have been referring to the docs below for KnoxSSO setup:
- http://knox.apache.org/books/knox-0-13-0/dev-guide.html#KnoxSSO+Integration
- https://knox.apache.org/books/knox-0-11-0/user-guide.html#KnoxSSO+Setup+and+Configuration
I have a two-node Hadoop cluster setup. My Knox gateway is running on the same host as my cluster's namenode. I am also running the Demo LDAP for authenticating as a Knox user.
Now I am trying to access webhdfs via gateway by sending HTTP requests using curl but every time I have to specify username and password with the request. I believe KnoxSSO can help in this case but I am not yet clear about how it works.
Also, I am following the above-mentioned links for the KnoxSSO setup and I am not very clear about configuration setting in user's guide link -> "Participating Application Configuration - Hadoop Configuration Example". Why would we need this?
Created 11-05-2017 01:55 PM
Hi @GN_Exp
Knox SSO provides WebSSO capabilities to the Hadoop cluster.
For now, HDP supports SSO for Ambari, Ranger, and Atlas. This means that when you log in to Ambari using Knox credentials, you can log in to the Ranger UI and Atlas UI without credentials on the web console.
In the next major release we will be supporting all components for SSO, probably in HDP 3.0.
https://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.6.2/bk_security/content/knox_sso.html
Please let me know if you require any more info on Knox SSO.
Created 11-05-2017 09:34 PM
Thanks for answering!
So does your answer imply that I have to provide credentials every time I request access to webhdfs using curl commands?
Can I have a Kerberos authentication setup with the demo LDAP to bypass credentials with each request?
Created 01-12-2018 10:19 AM
It's similar to session maintenance on the web: post login, the browser receives a cookie which it sends with every request so that its authenticity session is maintained. So, with Knox it should be possible the same way (if you can manage to send the cookie with each request after the first one). Kerberos is another authentication mechanism, so I don't think adding the two together will help nullify one of them.