Using Java Applications with Secure Clusters

Describes ramifications associated with using Java applications in a Data Fabric secure environment.

A secure computing environment places additional requirements on the Java Virtual Machine (JVM) properties of Java clients. The JVMs launched by Data Fabric with scripts, such as those used by the maprcli, hadoop, or hbase commands, have those properties automatically set by Data Fabric. Data Fabric attempts to set useful values for these properties.

When a JVM is used or launched directly, such as when you write a stand-alone Java program, any Java code that sets values for the following properties may cause issues on your cluster.

Property Default Value Description
java.security.auth.login.config /opt/mapr/conf/mapr.login.conf Path to the file that specifies JAAS configurations used by Data Fabric.
javax.net.ssl.trustStore /opt/mapr/conf/ssl_truststore Controls the truststore used by Data Fabric clients for HTTPS connections.
http.auth.preference basic The default setting disables JVM's default handling of SPNEGO, enabling Data Fabric's Hadoop code to handle SPNEGO authentication.
zookeeper.saslprovider com.mapr.security.maprsasl.MaprSaslProvider Enables ZooKeeper security.
hadoop.login hadoop_default Controls the JAAS configuration used by Data Fabric security.