On 1/5/10 10:57 PM, "gs...@tce.edu" <gs...@tce.edu> wrote: > i am doing my research in hadoop security design. > Instead of using kerberos for hadoop security is it possible to > use Ldap authentication protocol???
Using LDAP (or NIS+, or NIS, or passwd/shadow files, or ... ) will require a password prompt, something that I think the current design specifically avoids requiring (I still need to read Owen's doc). If Kerberos isn't an option, then it would probably be better to work on something certificate based (SPKM, LIPKEY, etc) that would also avoid the dreaded pw prompt. [But now you have a lot more operational challenges. PKI is way more awful to truly support than Kerberos, IMO.] > have learnt that except name nodes all other services of hadoop > support only kerberos authentication protocol..is it so??? Currently, there is no authentication in Hadoop.
