AnsweredAssumed Answered

How to enable SPNEGO on a non-secure cluster?

Question asked by AllenKll on Jun 29, 2017
Latest reply on Jul 12, 2017 by najmuddin_chirammal

I have a 5.2.1 cluster set up in insecure mode and am trying to access the MCS web API using Kerberos.  I can't seem to find the right switch to flip in order to get jetty to use SPNEGO (no 'WWW-Authenticate: Negotiate' in the header)

 

I have in my web.conf:

mapr.rest.auth.methods=kerberos,basic

mapr-clusters.conf:

... secure=false kerberosEnable=true...

I ran configure with these options:

configure.sh -K -P "HTTP/server1@MYDOMAIN"

I created the keytab in /opt/mapr/conf with the HTTP and mapr principal in it.

I followed the directions here for configuring PAM: Configuring PAM for REST API 

Still no joy.

 

How do I get this to work?

 

thanks,

-AllenKll

Outcomes