Configuring Impersonation without Cluster Security
Describes how to use impersonation on a non-secure cluster.
About this task
To configure impersonation without enabling cluster security, perform the following steps on the client.
Procedure
- Enable impersonation for each ecosystem component you will use that supports impersonation. See Component Requirements for Impersonation in How Impersonation Works.
- Enable impersonation for the data-fabric core components. See Enabling Impersonation for the mapr Superuser.
-
On each client system from which you want to use impersonation:
-
Set a
MAPR_IMPERSONATION_ENABLED
environment variable with the valuetrue
. This value must be set in the environment of any process you start that does impersonation. -
Create a file in
/opt/mapr/conf/proxy/
that has the name of the data-fabric superuser or any other user. For the data-fabric superuser, the default file name would bemapr
. For all other users, use their username for the proxy file.
If the data-fabric superuser has a different name in your cluster, use that name for the proxy file. To verify the data-fabric superuser name, check themapr.daemon.user=
line in the/opt/mapr/conf/daemon.conf
file on a data-fabric cluster server. -
Set a