Setting up Authentication for Users

The File Migration service uses PAM Shiro to authenticate the user in a dialog presented when opening the UI. The service authentication consults the PAM configurations in /etc/pam.d in the following order (first file in list that exists in that directory is the one used):

  1. mapr-admin
  2. sudo
  3. sshd
  4. passwd
The UI authorizes the following users to login and use the filemigrate service:
  • The owner of the filemigrate process (on the cluster, this will be the MAPR_USER).
  • Any users belonging to comma-separated list of authorized users in the properties file.
  • Any users belonging to any group in comma-separated list of authorized groups in the properties file.

Setting up Authentication for Users in the Properties File

Specify a comma-separated list of users and/or groups who are authorized to log in to the UI in the file in maprfs:///var/mapr/filemigrate directory. If the properties file is not in the directory, follow the steps in Configuring the File Migration Service Using the Properties File.

To set up the list of users and/or groups manually, set the following properties in the file:

  • authorized.users
  • authorized.groups

To edit the file, see Managing Policies. For more information on the properties, see

Setting up Authentication for Users Using the UI

Only authorized users can log in to the UI. To set up authentication for other users:
  1. Log in to the UI and select Settings from the drop-down menu.

  2. Specify a comma-separated list of:
    • Users in the Authorized Users field under Upload Settings.
    • Groups in the Authorized Groups filed under Upload Settings.
  3. Click Save Changes for the changes to take effect.