使用指南
导入依赖包
compile group: 'org.apache.hadoop', name: 'hadoop-hdfs', version: '2.7.6'compile group: 'org.apache.hadoop', name: 'hadoop-common', version: '2.7.6'
krb5.conf 文件(从KDC
服务器上复制下来)
[libdefaults] renew_lifetime = 7d forwardable = true default_realm = EXAMPLE.COM ticket_lifetime = 24h dns_lookup_realm = false dns_lookup_kdc = false default_ccache_name = /tmp/krb5cc_%{uid} #default_tgs_enctypes = aes des3-cbc-sha1 rc4 des-cbc-md5 #default_tkt_enctypes = aes des3-cbc-sha1 rc4 des-cbc-md5 [logging] default = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log kdc = FILE:/var/log/krb5kdc.log[realms] EXAMPLE.COM = { admin_server = storm1.demo.com kdc = storm1.demo.com }
admin.keytab 文件位置(从服务器复制下来)
生成方式
root@storm1 ~# kadmin.localAuthenticating as principal admin/admin@EXAMPLE.COM with password. kadmin.local: xst -k admin.keytab -norandkey admin/admin Entry for principal admin/admin with kvno 6, encryption type aes256-cts-hmac-sha1-96 added to keytab WRFILE:admin.keytab. Entry for principal admin/admin with kvno 6, encryption type aes128-cts-hmac-sha1-96 added to keytab WRFILE:admin.keytab. Entry for principal admin/admin with kvno 6, encryption type des3-cbc-sha1 added to keytab WRFILE:admin.keytab. Entry for principal admin/admin with kvno 6, encryption type arcfour-hmac added to keytab WRFILE:admin.keytab. Entry for principal admin/admin with kvno 6, encryption type camellia256-cts-cmac added to keytab WRFILE:admin.keytab. Entry for principal admin/admin with kvno 6, encryption type camellia128-cts-cmac added to keytab WRFILE:admin.keytab. Entry for principal admin/admin with kvno 6, encryption type des-hmac-sha1 added to keytab WRFILE:admin.keytab. Entry for principal admin/admin with kvno 6, encryption type des-cbc-md5 added to keytab WRFILE:admin.keytab. kadmin.local: exit
在当前目录会生成一个文件
root@storm1 ~# lsadmin.keytab
JAVA代码
public void testExist() throws IOException { String file = "hdfs://storm1.demo.com:8020"; System.setProperty("java.security.krb5.conf", "/etc/krb5.conf"); Configuration conf = new Configuration(); conf.set("hadoop.security.authentication", "kerberos"); conf.set("java.security.krb5.conf", "/etc/krb5.conf"); UserGroupInformation.setConfiguration(conf); try { UserGroupInformation.loginUserFromKeytab("admin/admin", "/Users/huanghuanlai/dounine/kerberos/keytabs/admin.keytab"); } catch (Exception e) { e.printStackTrace(); } FileSystem fs = FileSystem.get(URI.create(file), conf); System.out.println(fs.exists(new Path("/"))); }
运行效果
image.png
作者:dounine
链接:https://www.jianshu.com/p/617a4e7f37aa
点击查看更多内容
为 TA 点赞
评论
共同学习,写下你的评论
评论加载中...
作者其他优质文章
正在加载中
感谢您的支持,我会继续努力的~
扫码打赏,你说多少就多少
赞赏金额会直接到老师账户
支付方式
打开微信扫一扫,即可进行扫码打赏哦