Kerberos authentication versus secure impersonation

Kerberos authentication occurs when Pentaho users connect to a Hadoop cluster with a default Kerberos principal. All the Pentaho users connect to the Hadoop cluster with the same Kerberos principal.

In secure impersonation, users connect to the Hadoop cluster as a proxy user. The Pentaho user ID matches the cluster user ID in a one-on-one mapping, and resources are accessed and processes are executed as the cluster user.

Secure impersonation occurs when:

pre-defined credentials authenticate to a Kerberos server before connecting to the Hadoop cluster,
the Pentaho Server is configured for secure impersonation, and
the Hadoop cluster is secured.

PreviousBig data security NextPrerequisites

Last updated 1 month ago

Was this helpful?