认证kerberos
public static void initKerberosEnv(Configuration conf, String principalName, String keytabPath, String krb5ConfPath, String loginConfigPath) throws Exception {
System.setProperty("java.security.krb5.conf", krb5ConfPath);
System.setProperty("java.security.auth.login.config", loginConfigPath);
conf.set("hadoop.security.authentication", "Kerberos");
// linux 环境会默认读取/etc/krb5.conf文件,win不指定会默认读取C:/Windows/krb5.ini
UserGroupInformation.setConfiguration(conf);
UserGroupInformation.loginUserFromKeytab(principalName, keytabPath);
}
druid+kerberos+phoenix
@Bean(name = "hbaseDataSource", initMethod = "init", destroyMethod = "close")
public DruidDataSource getHbaseDataSource() throws Exception {
// 连接hadoop环境,进行 Kerberos认证
org.apache.hadoop.conf.Configuration conf = HBaseConfiguration.create();
KerberosInitor.initKerberosEnv(conf, hbasePrincipalName, hbaseKeytabPath, krb5ConfPath, loginConfigPath);
//加载phoenix的配置
Properties properties = new Properties();
properties.setProperty("phoenix.schema.mapSystemTablesToNamespace", "true");
properties.setProperty("phoenix.schema.isNamespaceMappingEnabled", "true");
properties.setProperty("hbase.zookeeper.quorum", zookeeperQuorum);
properties.setProperty("hbase.master.kerberos.principal", otherPrincipalName);
properties.setProperty("hbase.regionserver.kerberos.principal", otherPrincipalName);
properties.setProperty("phoenix.queryserver.kerberos.principal", otherPrincipalName);
properties.setProperty("hbase.security.authentication", "kerberos");
properties.setProperty("hadoop.security.authentication", "kerberos");
properties.setProperty("zookeeper.znode.parent", "/hbase");
DruidDataSource datasource = new DruidDataSource();
datasource.setConnectProperties(properties);
datasource.setUrl(hbaseUrl);
datasource.setDriverClassName(hbaseDiverClassName);
//configuration
datasource.setInitialSize(initialSize);
datasource.setMinIdle(minIdle);
datasource.setMaxActive(maxActive);
datasource.setMaxWait(maxWait);
datasource.setMinEvictableIdleTimeMillis(minEvictableIdleTimeMillis);
datasource.setValidationQuery(validationQuery);
datasource.setTestWhileIdle(testWhileIdle);
datasource.setTestOnBorrow(testOnBorrow);
datasource.setTestOnReturn(testOnReturn);
datasource.setPoolPreparedStatements(poolPreparedStatements);
datasource.setMaxPoolPreparedStatementPerConnectionSize(maxPoolPreparedStatementPerConnectionSize);
return datasource;
}