Security Exceptions

"Secure by default" means network-safe authentication and encryption. This page describes areas in which secure-by-default capabilities are not yet implemented for the MapR platform or ecosystem components. Included where applicable are links to more information to help you work around those issues.

Flume

Flume does not support any authentication mechanism for an Avro client. See Configuring Flume.

Hive

MapR-SASL is not supported for Hive in HTTP mode.

Hue

Certificate verification is disabled on Hue.

Impala

Impala is not secure by default, but encryption and authentication can be enabled. See Impala Security.

KSQL

KSQL does not support encryption between a KSQL client and KSQL server.

NFSv3

NFSv3 is not secure by default, and there are no provisions for authentication or network encryption.

NFSv4

NFSv4 is not secure by default, but it can be secured using Kerberos to enable both encryption and authentication. See Configuring NFSv4 Server for Kerberos.

OpenTSDB

There is no authentication or network encryption by default for read access over REST, and authentication and encryption cannot be enabled. However, note that no updates are allowed over REST; therefore, intruders cannot alter cluster metric data.

ZooKeeper

ZooKeeper supports server-to-server authentication by default, but ZooKeeper does not support encryption and cannot be configured to do so.