jprdonnelly/impala
1
0
Fork 0
mirror of https://github.com/apache/impala.git synced 2026-01-07 00:02:28 -05:00
Code Issues Projects Releases Wiki Activity
Files
8ea21d099fde57bd358cc073017bdcf80c8d74ca
impala/docs/topics/impala_mixed_security.xml
Jim Apple 3be0f122a5 IMPALA-3398: Add docs to main Impala branch. 
These are refugees from doc_prototype. They can be rendered with the
DITA Open Toolkit version 2.3.3 by:

/tmp/dita-ot-2.3.3/bin/dita \
  -i impala.ditamap \
  -f html5 \
  -o $(mktemp -d) \
  -filter impala_html.ditaval

Change-Id: I8861e99adc446f659a04463ca78c79200669484f
Reviewed-on: http://gerrit.cloudera.org:8080/5014
Reviewed-by: John Russell <jrussell@cloudera.com>
Tested-by: John Russell <jrussell@cloudera.com>
2016-11-17 22:38:44 +00:00

47 lines
2.0 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
<concept id="mixed_security">
<title>Using Multiple Authentication Methods with Impala</title>
<prolog>
<metadata>
<data name="Category" value="Security"/>
<data name="Category" value="Impala"/>
<data name="Category" value="Authentication"/>
<data name="Category" value="Kerberos"/>
<data name="Category" value="LDAP"/>
<data name="Category" value="Administrators"/>
</metadata>
</prolog>
<conbody>
<p>
Impala 2.0 and later automatically handles both Kerberos and LDAP authentication. Each
<cmdname>impalad</cmdname> daemon can accept both Kerberos and LDAP requests through the same port. No
special actions need to be taken if some users authenticate through Kerberos and some through LDAP.
</p>
<p>
Prior to Impala 2.0, you had to configure each <cmdname>impalad</cmdname> to listen on a specific port
depending on the kind of authentication, then configure your network load balancer to forward each kind of
request to a DataNode that was set up with the appropriate authentication type. Once the initial request was
made using either Kerberos or LDAP authentication, Impala automatically handled the process of coordinating
the work across multiple nodes and transmitting intermediate results back to the coordinator node.
</p>
<!--
<p>
This technique is most suitable for larger clusters, where
you are already using load balancing software for high availability.
You configure Impala to run on a different port on the nodes configured for LDAP.
Then you configure the load balancing software to forward Kerberos
connection requests to nodes using the default port, and LDAP connection requests
to nodes using an alternative port for LDAP.
Consult the documentation for your load balancing software for how to
configure that type of forwarding.
</p>
-->
</conbody>
</concept>
Reference in New Issue View Git Blame Copy Permalink