Follow these steps to create a Java client:
-
Launch Eclipse.
-
Create a simple Maven project.
-
Add the hbase-client and hadoop-auth dependencies.
The client uses the Hadoop UGI utility class to perform a Kerberos
authentication using the keytab file. It sets up the context so that all
operations are performed under the hbase-user2 security context. Then, it
performs the required HBase operations, namely check / create table and
perform a put and get operations.
<dependencies>
<dependency>
<groupId>org.apache.hbase</groupId>
<artifactId>hbase-client</artifactId>
<version>${hbase.version}</version>
<exclusions>
<exclusion>
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-aws</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-auth</artifactId>
<version>${hadoop.version}</version>
</dependency>
<dependency>
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-common</artifactId>
<version>${hadoop.version}</version>
</dependency>
<dependency>
-
Execute the HBase Java client code from a node that can be reverse-DNS
resolved.
This is part of Kerberos authentication. Therefore, running it from a machine
that does not share the same DNS infrastructure as the HDP cluster results in
authentication failure.
-
To validate that your Kerberos authentication / keytab / principal does indeed
work, you can also perform a simple Kerberos authentication from Java. This
provides you with some insight into how Java JAAS and Kerberos works.
It is highly recommended that you use either Maven Shade Plugin or Maven Jar
Plugin to automatically package dependencies into a fat-client JAR. You can
also use Eclipse Export feature, however this is not recommended for
production code base.
