kdc-kerberos 票据缓存在默认的/tmp/krb5cc_*这个文件,会导致个严重的问题:
- linux系统会定期删除/tmp,这回导致偶发性的票据验证失败问题;
- 多用户并发执行任务的时候,票据会碰撞导致意外结果:
- shell: 设置环境变量
- export KRB5CCNAME=/home/keytab/krb5cc
- python:改变缓存票据的存放路径
- shell: 设置环境变量
#!/usr/bin/env python
# -*- coding:utf-8 -*-
# 作者: tianjun
# 时间: 2020/3/9 下午7:18
# 文件: test_deom.py
# IDE: PyCharm
from impala.dbapi import connect
from krbcontext import krbcontext
if __name__ == '__main__':
hostname = '197.255.20.213'
port = 21050
with krbcontext(using_keytab=True, principal='impala@YJP.COM',
keytab_file='/home/keytab/impala.keytab',
ccache_file='krb5cc_0'):
conn = connect(host=hostname, port=port, auth_mechanism='GSSAPI', kerberos_service_name='impala')
cur = conn.cursor()
cur.execute("show databases")
for row in cur:
print(row[0])
conn2 = connect(host=hostname, port=port, auth_mechanism='GSSAPI', kerberos_service_name='impala')
cur2 = conn.cursor()
cur2.execute("select count(*) from yjp_trace.yjp_ods_trace")
print(cur2.fetchall())