By default in Data Center installations, Apache Atlas uses PAM authentication, which
means valid Atlas users correspond to the users configured for the operating system on the host
where Atlas runs. Cloud installations do not use PAM authentication.
These steps describe setting properties to enable PAM authentication. To disable PAM,
you can remove the properties or set the PAM authentication method property to false. If you
leave the PAM authentication method to true and set another authentication method to true,
Atlas uses both methods to authenticate users.
Minimum Required Role in Cloudera Manager:
Full Administrator.
In Cloudera Manager, select the Atlas
service, then open the Configuration tab.
To display the appropriate property, type "safety" in the Search box.
Find the Atlas Server Advanced Configuration Snippet (Safety Valve) for
conf/atlas-application.properties.
In the safety valve, set the following properties:
atlas.authentication.method.pam=true
atlas.authentication.method.pam.service=login service
where login service indicates the desired PAM login service. For
example, set atlas.authentication.method.pam.service=login to use
/etc/pam.d/login.
Click Save Changes.
Restart the Atlas service.
Once the PAM authentication is enabled for Atlas on a Cloudera Base on premises cluster, to access Atlas, note the
following:
If Atlas was configured using LDAP or Active
Directory, the same user role which was set-up can be authenticated and
used for accessing Atlas.
For an Operating System user, you can add the user using useradd or
adduser commands and later access Atlas.
These steps describe setting properties to enable PAM authentication. To disable PAM,
you can remove the properties or set the PAM authentication method property to false. If you
leave the PAM authentication method to true and set another authentication method to true,
Atlas uses both methods to authenticate users.
