Security Exceptions

"Secure by default" means network-safe authentication and encryption. This page describes areas in which secure-by-default capabilities are not yet implemented for the data-fabric platform or ecosystem components. Included where applicable, are links to more information to help you work around those issues.

Flume

Flume does not support any authentication mechanism for an Avro client. See Configuring Flume.

Hive

MapR-SASL is not supported for Hive in HTTP mode.

Hue

Certificate verification is disabled on Hue.

NFSv3

NFSv3 is not secure by default, and there are no provisions for authentication or network encryption.

NFSv4

NFSv4 is not secure by default, but it can be secured using Kerberos to enable both encryption and authentication. See Configuring NFSv4 Server for Kerberos.

OpenTSDB

There is no authentication or network encryption by default for read access over REST, and authentication and encryption cannot be enabled. However, note that no updates are allowed over REST; therefore, intruders cannot alter cluster metric data.

ZooKeeper

ZooKeeper supports server-to-server authentication by default, but ZooKeeper does not support encryption and cannot be configured to do so.