System Behavior Changes After Enabling Security

After enabling security features for a cluster, the following behaviors change:

  • Users must authenticate with the maprlogin utility.
  • Components that have web UIs, such as the Control System, Hive, and Oozie, require authentication.

    WARNING Note that you must also complete the PAM configuration to set up user authentication for the Control System logins.
  • Several components that communicate over HTTP use HTTPS instead.
  • Encryption is used for network traffic.
  • Access to a cluster using URIs that use the CLDB node's name or IP address, instead of the cluster name, is no longer supported, as in the following examples. The following URIs no longer work after enabling security:
    http://cldb1.cluster.com:7222/f1
    http://10.10.20.10:7221/f1

    The following URIs work after enabling security:

    http:///f1 <access f1 in default cluster>
    http://my.cluster.com/f1