After the Java authentication plugin has been built as described in Building a Java plugin for external authentication, the plugin must be added to the Hybrid Data Pipeline environment.

Take the following steps to add a Java authentication plugin.

Note: If your authentication plugin calls to an external source that uses a self-signed certificate for HTTPS, the self-signed certificate must be added to the Hybrid Data Pipeline JVM truststore. For details, refer to Importing data store SSL certificates in the Deployment Guide.
  1. Add the plugin and any other jar files required for the implementation, such as Apache HTTP Client jars, to the plugins directory. The location of the plugins directory depends on whether you have deployed with a load balancer.

    Non-load balancer deployment

    The plugins directory will be found in either of the following locations.

    • hdp_install_dir/ddcloud/keystore if the default key location was selected during installation of the server
    • user_specified_location if a non-default key location was specified during installation of the server

    Load balancer deployment

    The plugins directory will be found in the location specified as the key location during installation of the server.

  2. Restart the Hybrid Data Pipeline service on each node that is running the service.
    1. Run the stop service script for each node running the service. The location of the stop script is hdp_install_dir/ddcloud/stop.sh.
      Note: Shutting down Hybrid Data Pipeline may take a few minutes. Wait until you see the Shutdown complete message displayed on the console before taking any additional actions.
    2. Run the start service script for each node running the service. The location of the start script is hdp_install_dir/ddcloud/start.sh.

What to do next:

The external authentication service must be registered using the Authentication API.