On the NameNode and all DataNodes host machines, edit the
$HADOOP_CONF_DIRcore-site.xml<property> <name>hue.kerberos.principal.shortname</name> <value>hue</value> </property>
<property> <name>hadoop.proxyuser.HTTP.hosts</name> <value>*</value> <!--(or internal ip) --> <description>Proxy host for Hadoop.</description> </property>
<property> <name>hadoop.proxyuser.HTTP.groups</name> <value>*</value> <!--(or users) --> <description>Proxy groups for Hadoop.</description> </property>
where
$HADOOP_CONF_DIRis the directory for storing the Hadoop configuration files. For example,/etc/hadoop/conf.Ensure that the following command returns valid Kerberos ticket:
$klist
Edit
/etc/hue/conf/hue.inifile, to add the following information:... [[kerberos]] # Path to Hue's Kerberos keytab file hue_keytab=/etc/security/keytabs/hue.service.keytab # Kerberos principal name for Hue hue_principal=hue/$FQDN_HueServer_Host_Machine # Path to kinit # For RHEL/CentOS 5.x, kinit_path is /usr/kerberos/bin/kinit # For RHEL/CentOS 6.x, kinit_path is /usr/bin/kinit kinit_path=
Uncomment all security_enabled settings and set them to true.
jt_kerberos_principal=jt beeswax_server_host=$FQDN_HueServer_Host_Machine
