Example Implementation for Oozie
The example implementation is NOT SECURE. Its purpose is to be as simple as possible, as an example of how to write your own AltKerberosAuthenticationHandler subclass.
It should NOT be used in a production environment
An example implementation of AltKerberosAuthenticationHandler is included (though not built by default) with Oozie. Also included is a simple Login Server with two implementations. The first one will authenticate any user who is using a username and password that are identical, such as foo:foo. The second one can be configured against an LDAP server to use LDAP for authentication.
You can read comprehensive documentation on the example at Creating Custom Authentication.
If you installed Oozie from the CDH packages and are deploying oozie-login.war alongside oozie.war, you will also need to run the following commands after you copy the oozie-login.war file to /usr/lib/oozie/oozie-server (if using YARN or /usr/lib/oozie/oozie-server-0.20 if using MRv1) because it won't automatically be expanded:
jar xvf oozie-login.war mkdir oozie-login mv META-INF oozie-login/ mv WEB-INF oozie-login/
|<< Previous: Step 3: Enabling Your AltKerberosAuthenticationHandler Subclass||Next: Appendix A – Troubleshooting >>|