Generating a MapR User Ticket
A user ticket file is stored in /tmp
and
can only be read by that user. To generate a MapR user ticket,
run the following command:
maprlogin password
This command prompts for the user's password, then
generates a mapr user ticket associated with the UNIX user
ID. By default, tickets on Linux systems are generated in
the /tmp
directory and are named in the
form maprticket_<UID>
. Tickets on
Windows systems are generated in
the %TEMP%/
directory and are named in the
form maprticket_<username>
. To
change the default location, change the value of
the MAPR_TICKETFILE_LOCATION
environment
variable.
To illustrate a typical work flow, suppose a user wants to
access two clusters, cluster1 and cluster2. During this session, a
user logs in as root
to cluster1, gets a
MapR user ticket, and displays the ticket contents with
the maprlogin print
command.
root@qa-node113:~/SecurityInstall# maprlogin password
[Password for user 'root' at cluster 'cluster1': ]
MapR credentials of user 'root' for cluster 'cluster1' are written to '/tmp/maprticket_0'
root@qa-node113:~/SecurityInstall#
First Ticket for Cluster 1
root@qa-node113:~/SecurityInstall# maprlogin print
Opening keyfile /tmp/maprticket_0
qasecurity1: user = root, created = 'Wed Sep 11 14:19:02 PDT 2013', expires = 'Wed Sep 25 14:19:02 PDT 2013', RenewalTill = 'Fri Oct 11 14:19:02 PDT 2013', uid = 0, gids = 0, 42
root@qa-node113:~/SecurityInstall#
Now the root
user logs in to cluster2. The maprlogin
command returns a ticket for cluster2. This ticket is stored in the common ticket file.
Commands now have access to both tickets.
root@qa-node113:/opt/mapr/conf# maprlogin password -cluster cluster2
[Password for user 'root' at cluster 'cluster2': ]
MapR credentials of user 'root' for cluster 'cluster2' are written to '/tmp/maprticket_0'
Showing Tickets for Both Clusters
root@qa-node113:/opt/mapr/conf# maprlogin print
Opening keyfile /tmp/maprticket_0
qasecurity1: user = root, created = 'Thu Sep 12 11:07:54 PDT 2013', expires = 'Thu Sep 26 11:07:54 PDT 2013', RenewalTill = 'Sat Oct 12 11:07:54 PDT 2013', uid = 0, gids = 0, 42
qasecurity2: user = root, created = 'Thu Sep 12 15:20:49 PDT 2013', expires = 'Thu Sep 26 15:20:49 PDT 2013', RenewalTill = 'Sat Oct 12 15:20:49 PDT 2013', uid = 0, gids = 0, 500
root@qa-node113:/opt/mapr/conf#