Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support Kerberos connection #4

Open
evren opened this issue Apr 4, 2020 · 1 comment
Open

Support Kerberos connection #4

evren opened this issue Apr 4, 2020 · 1 comment
Assignees
@PaulJackson123

Comments

@evren
Copy link
Member

evren commented Apr 4, 2020
edited by PaulJackson123
Loading

Controller Service should provide additional options for Kerberos authentication.
@PaulJackson123
Copy link
Contributor

PaulJackson123 commented Jun 11, 2020
edited
Loading

This could mean a number of things.

  1. A Nifi equivalent of the --krg5 and --krb5-disable-rdns options
  2. Using the Kerberos credentials of the user that logged in to Nifi to access Stardog
  3. Integration with the Keytab Controller Service

Option 1 would always use the credentials of the user that launched the Nifi service.
Option 2 doesn't seem like something Nifi has written about in the doc or blogs. I could be missing something.
Option 3 (documented here) lets different groups access Stardog as different users by associating each group with their own keytab file.

What's the utility of option 1? It saves the user from entering the credentials one time, but that can be done without Kerberos by using a controller service.

@PaulJackson123 PaulJackson123 self-assigned this Jun 11, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@PaulJackson123 PaulJackson123

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@evren @PaulJackson123