Using mlcp With Kerberos
You can use mlcp in local mode with Kerberos to avoid sending cleartext passwords between your mlcp client host and MarkLogic Server.
Before you can use Kerberos with mlcp, you must configure your MarkLogic installation to enable external security, as described in External Security in Securing MarkLogic Server.
If external security is not already configured, you will need to perform at least the following procedures:
Create a Kerberos external security configuration object. For details, see Creating an External Authentication Configuration Object in Securing MarkLogic Server.
Create a Kerberos keytab file and install it in your MarkLogic installation. For details, see Creating a Kerberos Keytab File in Securing MarkLogic Server.
Create one or more users associated with an external name. For details, see Assigning an External Name to a User in Securing MarkLogic Server.
Configure your XDBC App Server to use “kerberos-ticket” authentication. For details, see Configuring an App Server for External Authentication in Securing MarkLogic Server.
The topics in this section touch on additional details specific to mlcp: