[HADOOP-13013] Introduce Apache Kerby into Hadoop - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
None

Description

As discussed in the mailing list, we’d like to introduce Apache Kerby into Hadoop. Apache Kerby is a Kerberos centric project and aims to provide a first Java Kerberos library that contains both client and server supports. The relevant features include:
It supports full Kerberos encryption types aligned with both MIT KDC and MS AD; Client APIs to allow to login via password, credential cache, keytab file and etc.; Utilities for generate, operate and inspect keytab and credential cache files; A simple KDC server that borrows some ideas from Hadoop-MiniKDC and can be used in tests but with minimal overhead in external dependencies; A brand new token mechanism is provided, can be experimentally used, using it a JWT token can be used to exchange a TGT or service ticket; Anonymous PKINIT support, can be experientially used, as the first Java library that supports the Kerberos major extension.

Attachments

Issue Links

requires

HADOOP-13014 Add the MiniKdcService in Hadoop

Open

HADOOP-13015 Implement kinit command execution facility in Java by leveraging Apache Kerby

Open

HADOOP-12911 Upgrade Hadoop MiniKDC with Kerby

Resolved

HADOOP-13027 Add unit test for MiniKDC to issue tickets for >1 persons in the same instance

Open

Activity

People

Assignee:: Jiajia Li

Reporter:: Jiajia Li

Votes:: 0 Vote for this issue

Watchers:: 11 Start watching this issue

Dates

Created:: 11/Apr/16 06:40

Updated:: 15/Apr/16 02:36