HDFS - (User) Authentication, Identification

> Database > (Apache) Hadoop > Hadoop Distributed File System (HDFS)

1 - About

(Authentication|Access control|Identification) - AuthN in HDFS.

If Hadoop is configured with all of its defaults, Hadoop doesn’t do any authentication of users.

See also: HDFS - Permissions (Authorization)

In hdfs, a user or group are just strings of characters. The below command will always work.

hadoop fs -chown badUser:badGroup /test

No one will be able to access that file except the adminusers

3 - Type

User identity mechanism is specified by the configuration property: hadoop.security.authentication


3.1 - Simple

The user is the Linux user. The below command will be processed with the user userName

sudo -u userName hadoop fs ls /

3.2 - Kerberos

Kerberos is an authentication protocol which uses tickets to allow nodes to identify themselves.

In a secure Hadoop configuration, all of the Hadoop daemons use Kerberos to perform mutual authentication

4 - Management

4.1 - See

hdfs getconf -confKey hadoop.security.authentication