UPN Keytab Mapping File
UPNKeytabMappingFile
| Key Name | Default Value | Required |
|---|---|---|
|
|
None |
No |
Description
The full path to a JSON file that maps your Impala user name to a Kerberos user principal name and a keytab file.
Note:
This option is applicable only when the authentication mechanism is set to Kerberos (AuthMech=Kerberos) and the Use Keytab option is enabled (UseKeytab=1).
The mapping in the JSON file must be written using the following schema, where [UserName] is the Impala user name, [KerberosUPN] is the Kerberos user principal name, and [Keytab] is the full path to the keytab file:
{
"[UserName]": {
"principal" : "[KerberosUPN]",
"keytab": "[Keytab]"
},
... }
For example, the following file maps the Impala user name simba to the simba@SIMBA Kerberos user principal name and the C:\Temp\simba.keytab file:
{
"simba": {
"principal" : "simba@SIMBA",
"keytab": "C:\Temp\simba.keytab"
},
... }
If parts of the mapping are invalid or not defined, then the following occurs:
- If the mapping file fails to specify a Kerberos user principal name, then the connector uses the Impala user name as the Kerberos user principal name.
- If the mapping file fails to specify a keytab file, then the connector uses the keytab file that is specified in the Default Keytab File setting.
- If the entire mapping file is invalid or not defined, then the connector does both of the actions described above.
- Authentication Driver Configuration Options on page 1
- Using Advanced Kerberos
- Configuring Authentication
- Using Advanced Kerberos
- Configuring Authentication
- Using a Connection String