Kerberos
Kerberos is a network authentication protocol that provides a secure way to authenticate clients and servers over an insecure network.
The Big Data Tools plugin allows you to use Kerberos to authenticate connections to Kafka, HDFS, and Hive Metastore.
Use Kerberos to authenticate in Kafka
In the Big Data Tools tool window, click and select Kafka. Or, if you want to edit an existing connection, select it and click .
Open the Kerberos settings: In the Configuration source, select Custom, and, under Authentication, select .
In the Krb5 Config box, select your krb5.conf or krb5.ini file or click Per IDE <a>Detect</a> to let PyCharm detect it in default locations.
If you want to use the Kerberos ticket cache created by the kinit tool, select Use kinit cache.
Otherwise, clear the Use kinit cache checkbox and provide authentication data:
In the Principal box, enter your Kerberos principal, such as john@EXAMPLE.ORG.
In the Keytab box, specify a path to the keytab file.
Use Kerberos to authenticate in HDFS
In the Big Data Tools window, click and select HDFS. Or, if you want to edit an existing connection, select it and click .
Open the Kerberos settings: In the Configuration source, select Custom, and, under Authentication, select Kerberos.
In the Krb5 Config box, select your krb5.conf or krb5.ini file or click Per IDE <a>Detect</a> to let PyCharm detect it in default locations.
If you want to use the Kerberos ticket cache created by the kinit tool, select Use kinit cache.
Otherwise, clear the Use kinit cache checkbox and provide authentication data:
In the Authentication by, select the authentication method:
Keytab: enter your Kerberos principal, such as john@EXAMPLE.ORG, and a path to the keytab file.
Password: enter your Kerberos principal, such as john@EXAMPLE.ORG, and the principal password.
JAAS config: specify the path to the JAAS Login Configuration File. PyCharm detects JAAS entries in the file, and you can then select the one you want to use for authentication in the JAAS entry list. Alternatively, click Generate JAAS entry to generate a new JAAS entry and add it to the file.
Use Kerberos to authenticate in Hive
In the Big Data Tools window, click and select Hive. Or, if you want to edit an existing connection, select it and click .
Open the Kerberos settings: In the Configuration source, select Custom, and, under Authentication, select Kerberos.
In the Krb5 Config box, select your krb5.conf or krb5.ini file or click Per IDE <a>Detect</a> to let PyCharm detect it in default locations.
If you want to use the Kerberos ticket cache created by the kinit tool, select Use kinit cache.
Otherwise, clear the Use kinit cache checkbox and provide authentication data:
In the Principal box, enter your Kerberos principal, such as john@EXAMPLE.ORG
In the Keytab box, specify a path to the keytab file.
Enable debug logging
If you have issues with Kerberos authentication, you can enable logging of Kerberos and Java Generic Security Services (JGSS) debug messages. The logs are then available in
and .In the Settings dialog (Control+Alt+S), go to .
Select the Kerberos debug logging and JGSS debug logging checkboxes.