Use curl to access a URL protected by Kerberos HTTP SPNEGO
To access a URL protected by Kerberos HTTP SPNEGO, ensure that your version of
curl supports GSS and is capable of running
$ curl -V curl 7.19.7 (universal-apple-darwin10.0) libcurl/7.19.7 OpenSSL/0.9.8l zlib/1.2.3 Protocols: tftp ftp telnet dict ldap http file https ftps Features: GSS-Negotiate IPv6 Largefile NTLM SSL libz
Log on to the KDC using kinit.
$ kinit Please enter the password for username@LOCALHOST:
curlto fetch the protected URL.
$ curl --cacert /path/to/truststore.pem --negotiate -u : -b ~/cookiejar.txt -c ~/cookiejar.txt https://localhost:14000/webhdfs/v1/?op=liststatuswhere:
--cacertoption is required if you are using TLS/SSL certificates that curl does not recognize by default.
--negotiateoption enables SPNEGO in curl.
-u:option is required but the username is ignored (the principal that has been specified for
-coptions are used to store and send HTTP cookies.
- Cloudera does not recommend using the
--insecureoption as it turns off
curl's ability to verify the certificate.