Configuring Impersonation without Cluster Security

Describes how to use impersonation on a non-secure cluster.

To configure impersonation without enabling cluster security, perform the following procedure on the client:

  1. Enable impersonation for each ecosystem component you will use that supports impersonation. See Component Requirements for Impersonation in How Impersonation Works.
  2. Enable impersonation for the MapR core components. See Enabling Impersonation for the mapr Superuser and Enabling Impersonation for any User.
  3. On each client system from which you wish to be able to use impersonation:
    1. Set a MAPR_IMPERSONATION_ENABLED environment variable with the value, true. This value must be set in the environment of any process you start that does impersonation.
    2. Create a file in /opt/mapr/conf/proxy/ that has name of the mapr superuser or any other user. For the mapr superuser, the default file name would be mapr. For all other users, you can use their username for the proxy file.
    If the mapr superuser has a different name in your cluster, use that name for the proxy file. To verify the mapr superuser name, check the mapr.daemon.user= line in the /opt/mapr/conf/daemon.conf file on a MapR cluster server.