How can I connect my SpringBoot application to Apache Ozone using Kerberos

Question

I want to pull data from Apache Ozone into my SpringBoot application. The authentication method for connecting to Ozone Store is Kerberos.

I have OzoneUrl(hostIp & Port), KeyTab, Principal and ServicePrincipal and i want to use these properties for connection

I tried using this dependency

<!-- https://mvnrepository.com/artifact/org.apache.hadoop/hadoop-ozone-client -->
<dependency>
    <groupId>org.apache.hadoop</groupId>
    <artifactId>hadoop-ozone-client</artifactId>
    <version>1.1.0</version>
</dependency>

My Connection Code =>

 OzoneConfiguration ozoneConfiguration = new OzoneConfiguration();
        ozoneConfiguration.set("ozone.om.address",ozoneUrl);
OzoneClient oz = OzoneClientFactory.getRpcClient(ozoneConfiguration);

The code successfully tries to connect to Ozone but I want to connect it using Kerberos

Answer 1

You need to set these properties for secure cluster. //set om leader node ozoneConfiguration.set("ozone.om.address", "xx:xx:xx:xx");

 //Setting kerberos authentication
 ozoneConfiguration.set("ozone.om.kerberos.principal.pattern", "*");
 ozoneConfiguration.set("ozone.security.enabled", "true");
 ozoneConfiguration.set("hadoop.rpc.protection", "privacy");
 ozoneConfiguration.set("hadoop.security.authentication", "kerberos");
 ozoneConfiguration.set("hadoop.security.authorization", "true");

//Passing keytab for Authentication
UserGroupInformation.setConfiguration(ozoneConfiguration);
UserGroupInformation.loginUserFromKeytab("om pricipal","ozone.keytab- 
location on-spring-boot-host");

• copy ozone.keytab into spring boot host and refer the path in loginUserFromKeytab (ozone.keytab-location on-spring-boot-host)
• copy krb5.conf to your spring-boot-host under etc directory .