i understand kerberos is used on hadoop to provide security in a multi-user
environment, and i can totally see its usage for a shared cluster within a
company to make sure sensitive data for one department is safe from prying
eyes of another department.
but for a hadoop cluster that sits "behind" a bunch of web servers to do
say log analysis, and that already is protected by standard measures (no
route to cluster from outside, so a web server would have to get
compromised to gain access), is there any value in securing it with
kerberos? does anyone do that?