Safe uses Alfredo library for authentication. Alfredo provides the following authentication mechanisms - 1) SPNego based authentication 2) Simple authentication using URL parameters. It is possible to develop and plug in additional authentication mechanisms. By default, Simple authentication is configured. This is done in WEB-INF/web.xml To enable kerberos authentication, learn more about Alfredo at http://cloudera.github.com/alfredo/docs/latest/index.html
<filter>
<filter-name>simpleFilter</filter-name>
<filter-class>com.cloudera.alfredo.server.AuthenticationFilter</filter-class>
<init-param>
<param-name>type</param-name>
<param-value>simple</param-value>
</init-param>
<init-param>
<param-name>token.validity</param-name>
<param-value>30</param-value>
</init-param>
<init-param>
<param-name>cookie.domain</param-name>
<param-value>localhost</param-value>
</init-param>
<init-param>
<param-name>cookie.path</param-name>
<param-value>/</param-value>
</init-param>
<init-param>
<param-name>simple.anonymous.allowed</param-name>
<param-value>false</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>simpleFilter</filter-name>
<url-pattern>*</url-pattern>
</filter-mapping>