Setting the JAAS Configuration File Location
Set the location to the configuration file using the .dserc file or environment variables.
Using the DataStax RC file
To get Kerberos credentials without having to enter a password, define the following parameters in the .dserc file:
sasl_protocol=<principal_name>
login_config=<file_name>- sasl_protocol
-
Set to the user <principal_name>. For example,
dse_admin@EXAMPLE.COM. - login_config
-
Set the file_name to the absolute path of the JAAS configuration file. See Providing Kerberos credentials using a keytab file or Providing Kerberos credentials using a ticket cache.
Kerberos token variable
Use environment variable DSE_TOKEN to specify a delegation token when Kerberos is used:
export DSE_TOKEN=<delegation_token>DSE FS Kerberos variable
When using the dse fs command use the DSEFS_SHELL_OPTS environment variable to provide the path to the login file:
DSEFS_SHELL_OPTS="-Djava.security.auth.login.config=<file_name>"Set the file_name to the absolute path of the JAAS configuration file. See Providing Kerberos credentials using a keytab file or Providing Kerberos credentials using a ticket cache.
Apache Spark job variable
If you are using JAAS rather than using a Kerberos ticket, then you need to create a JAAS configuration file.
The default location for this file is <$USER_HOME>/.java.login.config.
If your JAAS configuration file is in a different location, then you must specify the location by setting the java.security.auth.login.config option to the location of the file.
For example, to set java.security.auth.login.config in an environment variable for submitting jobs, set the SPARK_SUBMIT_OPTS environment variable to point to your JAAS configuration file:
export SPARK_SUBMIT_OPTS='-Djava.security.auth.login.config=/<path>/jaas.config'