Using Java Applications with Secure Clusters
Describes ramifications associated with using Java applications in a Data Fabric secure environment.
A secure computing environment places additional requirements on the Java Virtual Machine
(JVM) properties of Java clients. The JVMs launched by Data Fabric with scripts, such as those used by the
maprcli
, hadoop
, or hbase
commands, have
those properties automatically set by Data Fabric. Data Fabric attempts to set useful values for these properties.
When a JVM is used or launched directly, such as when you write a stand-alone Java program, any Java code that sets values for the following properties may cause issues on your cluster.
Property | Default Value | Description |
---|---|---|
java.security.auth.login.config |
/opt/mapr/conf/mapr.login.conf
|
Path to the file that specifies JAAS configurations used by Data Fabric. |
javax.net.ssl.trustStore |
/opt/mapr/conf/ssl_truststore
|
Controls the truststore used by Data Fabric clients for HTTPS connections. |
http.auth.preference |
basic
|
The default setting disables JVM's default handling of SPNEGO, enabling Data Fabric's Hadoop code to handle SPNEGO authentication. |
zookeeper.saslprovider |
com.mapr.security.maprsasl.MaprSaslProvider
|
Enables ZooKeeper security. |
hadoop.login |
hadoop_default
|
Controls the JAAS configuration used by Data Fabric security. |