Using mlcp with Kerberos
You can use mlcp in local mode with Kerberos to avoid sending cleartext passwords between your mlcp client host and MarkLogic Server.
Before you can use Kerberos with mlcp, you must configure your MarkLogic installation to enable external security, as described in External Security in Securing MarkLogic Server.
If external security is not already configured, you will need to perform at least the following procedures:
Create a Kerberos external security configuration object. For details, see Reference: The External Security Configuration Page in Securing MarkLogic Server.
Create a Kerberos keytab file and install it in your MarkLogic installation. For details, see Creating a Kerberos Keytab File in Securing MarkLogic Server.
Create one or more users associated with an external name. For details, see Reference: The User Configuration Page in Securing MarkLogic Server.
Configure your XDBC App Server to use “kerberos-ticket” authentication. For details, see Reference: The App Server Configuration Page in Securing MarkLogic Server.
The topics in this section touch on additional details specific to mlcp.