2.3.5.5. Optional: Configure Client-Side Operation For Secure Operation - Thrift Gateway

Add the following to the hbase-site.xml file for every Thrift gateway:

   <property>
      <name>hbase.thrift.kerberos.principal</name>
      <value>$USER/_HOST@HADOOP.LOCALDOMAIN</value>
    </property>
     <property>
      <name>hbase.thrift.keytab.file</name>
      <value>/etc/hbase/conf/hbase.keytab</value>
    </property>

Substitute the appropriate principal and keytab file respectively.

The Thrift gateway authenticates with HBase using the supplied credentials. No authentication is performed by the Thrift gateway itself. All client access via the Thrift gateway uses the Thrift gateway's credentials and has its privileges.


loading table of contents...