Licensed under the Apache License, Version 2.0 (the “License”);
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an “AS IS” BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License. See accompanying LICENSE file.
–>
<web-resource-collection>
<web-resource-name>Protected</web-resource-name>
<url-pattern>/*</url-pattern> <!-- 这是正在被保护的路径,当前设定的是root路径下的web ui -->
</web-resource-collection>
<auth-constraint>
<role-name>root</role-name> <!-- hadoop用户的组名 -->
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method> <!-- HTTP规范,Base64 编码方式, 采用Base64编码具有不可读性,需要解码后才能阅读。-->
<realm-name>jobtrackerRealm</realm-name> <!-- 这个名称要和下面jetty里的name一致-->
</login-config>## 二、配置jetty-web.xml
和web.xml在同一个文件夹下,如果没有,则新增一个,填入以下内容 jobtrackerRealm /etc/hadoop/realm.properties
**/etc/hadoop/realm.properties是配置用户名密码的文件**
## 三、配置realm.properties文件
在 jetty-web.xml 配置的路径下,/etc/hadoop/realm.properties ,这个文件是没有 的,要先创建。cd /etc/hadoop
touch realm.properties
添加用户名,密码,用户组vi /etc/hadoop/realm.properties
hadoop:hadoop,hadoop
![在这里插入图片描述]()
一个用户密码一行,要配置多个,就多行,并将文件copy到/etc/hadoop/2.5.3.0-37/0/目录下,并修改文件权限。cp /etc/hadoop/realm.properties /etc/hadoop/2.5.3.0-37/0/
chmod 755 /etc/hadoop/2.5.3.0-37/0/realm.properties
## 四、重启namenode,使认证生效
这里建议先重启standbynamenode,然后主从切换,重启切下来的standbynamenode,不要直接重启active的namenode
![img]()
![img]()
