System Behavior Changes After Enabling Security
After enabling security features for your cluster, the following behaviors change:
- Users must authenticate with the
maprlogin
utility. -
Components that have web UIs, such as the MapR Control System (MCS), Hive, and Oozie, require authentication.
WARNING:Note that you must also complete the PAM configuration to set up user authentication for MCS logins.
- Several components that communicate over HTTP use HTTPS instead.
- Encryption is used for significant network traffic. Not all network traffic can be encrypted. Transmissions between ZooKeeper nodes are not encrypted.
- Access to a cluster using URIs that use the CLDB node's name or IP address, instead of the
cluster name, is no longer supported, as in the following examples. The following URIs no
longer work after enabling security:
http://cldb1.cluster.com:7222/f1
http://10.10.20.10:7221/f1
The following URIs work after enabling security:
http:///f1 <access f1 in default cluster>
http://my.cluster.com/f1