Configuring user authentication in Ambari
You can
authenticate the users by using either Knox SSO, Knox proxy, or SPNEGO. You can also choose not
to set up user authentication. In this case, all the queries are executed as a Hive service
user.
Configuring user authentication using Knox SSO In a Cloudera Private Cloud Base deployment, to enable DAS to work with the CDP cluster SSO, configure the Knox settings as described in this topic.Configuring user authentication using Knox proxy In the Cloudera Private Cloud Base 7.1.x release, Knox Proxy is configured via the Knox Admin UI. To set up proxy, you first define the provider configurations and descriptors, and the topologies are automatically generated based on those settings.Configuring user authentication using SPNEGO SPNEGO uses a Kerberized environment for user authentication. To use SPNEGO to authenticate users, specify SPNEGO in the user_authentication field. Enabling logout option for secure clusters To sign out from the application (DAS Webapp) and the identity provider on secure clusters, you need to create a KnoxSSO out topology in the Ambari console and configure the knox_ssout_url through the Ambari UI.