Optional: Configure Client-Side Operation for Secure Operation- Thrift Gateway
How to configure a client side operation for secure operations (Thrift Gateway) when setting up Kerberos for non-Ambari clusters.
Add the following to the $HBASE_CONF_DIR/hbase-site.xml file for
every Thrift gateway:
<property>
<name>hbase.thrift.keytab.file</name>
<value>/etc/hbase/conf/hbase.keytab</value>
</property>
<property>
<name>hbase.thrift.kerberos.principal</name>
<value>$USER/_HOST@HADOOP.LOCALDOMAIN</value>
</property>
Substitute the appropriate credential and keytab for $USER and $KEYTAB respectively.
The Thrift gateway will authenticate with HBase using the supplied credential.
No authentication will be performed by the Thrift gateway itself. All client access via
the Thrift gateway will use the Thrift gateway's credential and have its
privilege.