Enable Ranger Admin login using kerberos authentication

You can enable the Ranger Admin web UI to use kerberos authentication for browser-based login.

The Ranger Admin web UI does not allow kerberos authentication by default. To allow users of specific web browsers to login to the Ranger Admin web UI, you must add configuration properties to the ranger-admin-site.xml file.

  1. In Cloudera Manager Home, select Ranger, then choose Configuration.
  2. On Configuration, in Search, type ranger-admin.
  3. In conf/ranger-admin-site.xml_role_safety_valve, click + (Add).
  4. Add a key-value pair that configures the maximum number of days to retain Ranger Admin access log files.




  5. Optionally, you can a another key-value pair that defines specific web browsers that allow kerberos authenticated login.




  6. Click Save Changes.

    After saving changes, the Stale Configuration icon appears on the Cloudera Manager UI. Optionally, click Stale Configuration to view details.

  7. Select Actions > Restart.
Users should now be able to login to Ranger Admin UI using kerberos authentication.