Configuring Authentication

Provides information about Data Fabric tickets, Kerberos, Pluggable Authentication Module (PAM) authentication.

Robust authentication prevents third parties from representing themselves as legitimate users. The core component of user authentication in Data Fabric is the ticket. A ticket is an object that contains specific information about a user, an expiration time, and a key. Tickets uniquely identify a user and are encrypted to protect their contents. Tickets are used to establish sessions between a user and the cluster.

Data Fabric supports two methods of authenticating a user and generating a ticket:
  • Kerberos
  • Username/password pairing with PAM

Both of these methods are mediated by the maprlogin utility. When you authenticate with a username/password pair, the system verifies credentials using Pluggable Authentication Modules (PAM). Configure the cluster to use any registry that has a PAM module.