Nice. Very easy for out of the box testing for adding users without messing with LDIF and the ApacheDS instance. It will obviously require the redeploy of the toplogy for any change and is not really an example of enterprise security in anyway. It does however allow for easy functional testing for consuming the Hadoop REST services through Knox.
To be clear though, it is not consider a good practice to have passwords in clear text inside of an application deployment artifact which is exactly what this ends up doing. The users that are put into a test environment like this should not be actual credentials for anyone. On Thu, Oct 10, 2013 at 10:38 AM, Kevin Minder <[email protected] > wrote: > This uses the deafult Shiro IniRealm implementation. > Obviously not secure but possibly not bad for an out of the box demo. > We would need to make it very clear that this was for demo purposes. > Just to be clear this works with 0.3.0 by changing just the sandbox.xml > topo file. > > <provider> > <role>authentication</role> > <name>ShiroProvider</name> > <enabled>true</enabled> > <param><name>users.guest</**name><value>guest-password</**value></param> > <param><name>urls./**</name><**value>authcBasic</value></**param> > </provider> > > > -- > CONFIDENTIALITY NOTICE > NOTICE: This message is intended for the use of the individual or entity > to which it is addressed and may contain information that is confidential, > privileged and exempt from disclosure under applicable law. If the reader > of this message is not the intended recipient, you are hereby notified that > any printing, copying, dissemination, distribution, disclosure or > forwarding of this communication is strictly prohibited. If you have > received this communication in error, please contact the sender immediately > and delete it from your system. Thank You. >
