Kerberos Archives - Java / Cloud / BigData

August 16, 2022August 16, 2022
Kafka, Kerberos
Leave a comment

Kafka broker Kerberos

Let’s see how we can configure Kerberos between Kafka broker and Kafka client on server side. The client side is presented here: https://mchesnavsky.tech/how-to-create-kafka-kerberos-java-consumer. <kafka_home>/conf/server.properties <kafka_home>/bin/kafka-run-class.sh Insert this: To KAFKA_OPTS: Result: /your/path/to/kafka_server_jaas.conf Kerberos between Kafka brokers is configuring with separate conf keys (which we not mentioned in this article). Above configuration is for broker-client interaction.

August 5, 2022August 5, 2022
Java, Kafka, Kerberos
Leave a comment

How to create Kafka Kerberos Java consumer

Suppose that you need to create Kafka Java consumer with Kerberos. The code will be: You don’t need to specify java.security.auth.login.config Java property, because we set SaslConfigs.SASL_JAAS_CONFIG property directly to the consumer. You just need to made changes in kafkaJaasConfiguration() method that necessary for your Kerberos configuration.

How to set JAAS configuration programmatically

Sometimes you need to set java.security.auth.login.config property programmatically. Here is how you can do it. Just modify LoginConfig class to satisfy your needs:

July 5, 2022July 5, 2022
Hadoop, Java, Kerberos
Leave a comment

How to extract Kerberos TGT from UserGroupInformation

If you need to view lifetime of your Kerberos ticket in Hadoop’s UserGroupInformation or see Kerberos ticket expiration date in UserGroupInformation (and do other things), you need extract Kerberos TGT from UserGroupInformation. This piece of code will be very useful for you:

April 28, 2021August 10, 2021
Java, Kerberos
Leave a comment

Keytab principals list in Java

If you need to get a list of keytab principals through Java code, you can use the sun.security.krb5.internal.ktab.KeyTab class:

April 20, 2021August 10, 2021
Kerberos, Linux
Leave a comment

Keytab encryption types list

Let’s imagine that we needed to determine what principles and what encryption types exist in a certain keytab. To do this, we will use the ktutil utility: After we have entered the CLI of this utility, we type the following commands: Something like this will be displayed:

March 2, 2021March 21, 2021
Hadoop, Java, Kerberos
Leave a comment

Cannot find key AP REP RC4 Kerberos

If you get an exception like this: Check this two things first: Is the path to the keytab correct? Does the process have permission to read the keyab? In my case it turned out that there was no keytab read permission in hdfs. Thanks Xavier Portebois.