Author: lmccay
Date: Wed Sep 17 15:19:47 2014
New Revision: 1625630
URL: http://svn.apache.org/r1625630
Log:
Changed the name of the identity assertion provider to Default in book 0.5.0
Modified:
knox/site/books/knox-0-4-0/deployment-overview.png
knox/site/books/knox-0-4-0/deployment-provider.png
knox/site/books/knox-0-4-0/deployment-service.png
knox/site/books/knox-0-4-0/runtime-overview.png
knox/site/books/knox-0-4-0/runtime-request-processing.png
knox/site/books/knox-0-5-0/knox-0-5-0.html
knox/site/index.html
knox/site/issue-tracking.html
knox/site/license.html
knox/site/mail-lists.html
knox/site/project-info.html
knox/site/team-list.html
knox/trunk/books/0.5.0/admin_api.md
knox/trunk/books/0.5.0/config_authz.md
knox/trunk/books/0.5.0/config_id_assertion.md
Modified: knox/site/books/knox-0-4-0/deployment-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-4-0/deployment-overview.png?rev=1625630&r1=1625629&r2=1625630&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-4-0/deployment-provider.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-4-0/deployment-provider.png?rev=1625630&r1=1625629&r2=1625630&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-4-0/deployment-service.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-4-0/deployment-service.png?rev=1625630&r1=1625629&r2=1625630&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-4-0/runtime-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-4-0/runtime-overview.png?rev=1625630&r1=1625629&r2=1625630&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-4-0/runtime-request-processing.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-4-0/runtime-request-processing.png?rev=1625630&r1=1625629&r2=1625630&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-5-0/knox-0-5-0.html
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-5-0/knox-0-5-0.html?rev=1625630&r1=1625629&r2=1625630&view=diff
==============================================================================
--- knox/site/books/knox-0-5-0/knox-0-5-0.html (original)
+++ knox/site/books/knox-0-5-0/knox-0-5-0.html Wed Sep 17 15:19:47 2014
@@ -566,7 +566,7 @@ ip-10-39-107-209.ec2.internal
"role": "authorization"
}, {
"enabled": true,
- "name": "Pseudo",
+ "name": "Default",
"params": {},
"role": "identity-assertion"
}, {
@@ -771,16 +771,16 @@ ldapRealm.userDnTemplate=uid={0},ou=peop
<li>determine whether it matches any principal mapping rules and apply them
appropriately</li>
<li>determine whether it matches any group principal mapping rules and apply
them</li>
<li>if it is determined that the principal will be impersonating another
through a principal mapping rule then a Subject.doAS is required in order for
providers farther downstream can determine the appropriate effective principal
name and groups for the user</li>
-</ol><p>The following configuration is required for asserting the users
identity to the Hadoop cluster using Pseudo or Simple
“authentication”.</p>
+</ol><p>The following configuration is required for asserting the users
identity to the Hadoop cluster using Pseudo or Simple
“authentication” and for using kerberos/SPNEGO for secure
clusters.</p>
<pre><code><provider>
<role>identity-assertion</role>
- <name>Pseudo</name>
+ <name>Default</name>
<enabled>true</enabled>
</provider>
-</code></pre><p>This particular configuration indicates that the Pseudo
identity assertion provider is enabled and that there are no principal mapping
rules to apply to identities flowing from the authentication in the gateway to
the backend Hadoop cluster services. The primary principal of the current
subject will therefore be asserted via a query paramter or as a form parameter
- ie. ?user.name={primaryPrincipal}</p>
+</code></pre><p>This particular configuration indicates that the Default
identity assertion provider is enabled and that there are no principal mapping
rules to apply to identities flowing from the authentication in the gateway to
the backend Hadoop cluster services. The primary principal of the current
subject will therefore be asserted via a query paramter or as a form parameter
- ie. ?user.name={primaryPrincipal}</p>
<pre><code><provider>
<role>identity-assertion</role>
- <name>Pseudo</name>
+ <name>Default</name>
<enabled>true</enabled>
<param>
<name>principal.mapping</name>
@@ -988,7 +988,7 @@ ldapRealm.userDnTemplate=uid={0},ou=peop
</provider>
<provider>
<role>identity-assertion</role>
- <name>Pseudo</name>
+ <name>Default</name>
<enabled>true</enabled>
<param>
<name>principal.mapping</name>
Modified: knox/site/index.html
URL:
http://svn.apache.org/viewvc/knox/site/index.html?rev=1625630&r1=1625629&r2=1625630&view=diff
==============================================================================
--- knox/site/index.html (original)
+++ knox/site/index.html Wed Sep 17 15:19:47 2014
@@ -1,5 +1,5 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
-<!-- Generated by Apache Maven Doxia Site Renderer 1.6 at 2014-09-10 -->
+<!-- Generated by Apache Maven Doxia Site Renderer 1.6 at 2014-09-17 -->
<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
@@ -10,7 +10,7 @@
@import url("./css/site.css");
</style>
<link rel="stylesheet" href="./css/print.css" type="text/css"
media="print" />
- <meta name="Date-Revision-yyyymmdd" content="20140910" />
+ <meta name="Date-Revision-yyyymmdd" content="20140917" />
<meta http-equiv="Content-Language" content="en" />
<script type="text/javascript">var _gaq = _gaq || [];
@@ -57,7 +57,7 @@
<a
href="https://cwiki.apache.org/confluence/display/KNOX/Index";
class="externalLink" title="Wiki">Wiki</a>
- | <span id="publishDate">Last Published:
2014-09-10</span>
+ | <span id="publishDate">Last Published:
2014-09-17</span>
| <span id="projectVersion">Version: 0.0.0-SNAPSHOT</span>
</div>
<div class="clear">
Modified: knox/site/issue-tracking.html
URL:
http://svn.apache.org/viewvc/knox/site/issue-tracking.html?rev=1625630&r1=1625629&r2=1625630&view=diff
==============================================================================
--- knox/site/issue-tracking.html (original)
+++ knox/site/issue-tracking.html Wed Sep 17 15:19:47 2014
@@ -1,5 +1,5 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
-<!-- Generated by Apache Maven Doxia Site Renderer 1.6 at 2014-09-10 -->
+<!-- Generated by Apache Maven Doxia Site Renderer 1.6 at 2014-09-17 -->
<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
@@ -10,7 +10,7 @@
@import url("./css/site.css");
</style>
<link rel="stylesheet" href="./css/print.css" type="text/css"
media="print" />
- <meta name="Date-Revision-yyyymmdd" content="20140910" />
+ <meta name="Date-Revision-yyyymmdd" content="20140917" />
<meta http-equiv="Content-Language" content="en" />
<script type="text/javascript">var _gaq = _gaq || [];
@@ -57,7 +57,7 @@
<a
href="https://cwiki.apache.org/confluence/display/KNOX/Index";
class="externalLink" title="Wiki">Wiki</a>
- | <span id="publishDate">Last Published:
2014-09-10</span>
+ | <span id="publishDate">Last Published:
2014-09-17</span>
| <span id="projectVersion">Version: 0.0.0-SNAPSHOT</span>
</div>
<div class="clear">
Modified: knox/site/license.html
URL:
http://svn.apache.org/viewvc/knox/site/license.html?rev=1625630&r1=1625629&r2=1625630&view=diff
==============================================================================
--- knox/site/license.html (original)
+++ knox/site/license.html Wed Sep 17 15:19:47 2014
@@ -1,5 +1,5 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
-<!-- Generated by Apache Maven Doxia Site Renderer 1.6 at 2014-09-10 -->
+<!-- Generated by Apache Maven Doxia Site Renderer 1.6 at 2014-09-17 -->
<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
@@ -10,7 +10,7 @@
@import url("./css/site.css");
</style>
<link rel="stylesheet" href="./css/print.css" type="text/css"
media="print" />
- <meta name="Date-Revision-yyyymmdd" content="20140910" />
+ <meta name="Date-Revision-yyyymmdd" content="20140917" />
<meta http-equiv="Content-Language" content="en" />
<script type="text/javascript">var _gaq = _gaq || [];
@@ -57,7 +57,7 @@
<a
href="https://cwiki.apache.org/confluence/display/KNOX/Index";
class="externalLink" title="Wiki">Wiki</a>
- | <span id="publishDate">Last Published:
2014-09-10</span>
+ | <span id="publishDate">Last Published:
2014-09-17</span>
| <span id="projectVersion">Version: 0.0.0-SNAPSHOT</span>
</div>
<div class="clear">
Modified: knox/site/mail-lists.html
URL:
http://svn.apache.org/viewvc/knox/site/mail-lists.html?rev=1625630&r1=1625629&r2=1625630&view=diff
==============================================================================
--- knox/site/mail-lists.html (original)
+++ knox/site/mail-lists.html Wed Sep 17 15:19:47 2014
@@ -1,5 +1,5 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
-<!-- Generated by Apache Maven Doxia Site Renderer 1.6 at 2014-09-10 -->
+<!-- Generated by Apache Maven Doxia Site Renderer 1.6 at 2014-09-17 -->
<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
@@ -10,7 +10,7 @@
@import url("./css/site.css");
</style>
<link rel="stylesheet" href="./css/print.css" type="text/css"
media="print" />
- <meta name="Date-Revision-yyyymmdd" content="20140910" />
+ <meta name="Date-Revision-yyyymmdd" content="20140917" />
<meta http-equiv="Content-Language" content="en" />
<script type="text/javascript">var _gaq = _gaq || [];
@@ -57,7 +57,7 @@
<a
href="https://cwiki.apache.org/confluence/display/KNOX/Index";
class="externalLink" title="Wiki">Wiki</a>
- | <span id="publishDate">Last Published:
2014-09-10</span>
+ | <span id="publishDate">Last Published:
2014-09-17</span>
| <span id="projectVersion">Version: 0.0.0-SNAPSHOT</span>
</div>
<div class="clear">
Modified: knox/site/project-info.html
URL:
http://svn.apache.org/viewvc/knox/site/project-info.html?rev=1625630&r1=1625629&r2=1625630&view=diff
==============================================================================
--- knox/site/project-info.html (original)
+++ knox/site/project-info.html Wed Sep 17 15:19:47 2014
@@ -1,5 +1,5 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
-<!-- Generated by Apache Maven Doxia Site Renderer 1.6 at 2014-09-10 -->
+<!-- Generated by Apache Maven Doxia Site Renderer 1.6 at 2014-09-17 -->
<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
@@ -10,7 +10,7 @@
@import url("./css/site.css");
</style>
<link rel="stylesheet" href="./css/print.css" type="text/css"
media="print" />
- <meta name="Date-Revision-yyyymmdd" content="20140910" />
+ <meta name="Date-Revision-yyyymmdd" content="20140917" />
<meta http-equiv="Content-Language" content="en" />
<script type="text/javascript">var _gaq = _gaq || [];
@@ -57,7 +57,7 @@
<a
href="https://cwiki.apache.org/confluence/display/KNOX/Index";
class="externalLink" title="Wiki">Wiki</a>
- | <span id="publishDate">Last Published:
2014-09-10</span>
+ | <span id="publishDate">Last Published:
2014-09-17</span>
| <span id="projectVersion">Version: 0.0.0-SNAPSHOT</span>
</div>
<div class="clear">
Modified: knox/site/team-list.html
URL:
http://svn.apache.org/viewvc/knox/site/team-list.html?rev=1625630&r1=1625629&r2=1625630&view=diff
==============================================================================
--- knox/site/team-list.html (original)
+++ knox/site/team-list.html Wed Sep 17 15:19:47 2014
@@ -1,5 +1,5 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
-<!-- Generated by Apache Maven Doxia Site Renderer 1.6 at 2014-09-10 -->
+<!-- Generated by Apache Maven Doxia Site Renderer 1.6 at 2014-09-17 -->
<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
@@ -10,7 +10,7 @@
@import url("./css/site.css");
</style>
<link rel="stylesheet" href="./css/print.css" type="text/css"
media="print" />
- <meta name="Date-Revision-yyyymmdd" content="20140910" />
+ <meta name="Date-Revision-yyyymmdd" content="20140917" />
<meta http-equiv="Content-Language" content="en" />
<script type="text/javascript">var _gaq = _gaq || [];
@@ -57,7 +57,7 @@
<a
href="https://cwiki.apache.org/confluence/display/KNOX/Index";
class="externalLink" title="Wiki">Wiki</a>
- | <span id="publishDate">Last Published:
2014-09-10</span>
+ | <span id="publishDate">Last Published:
2014-09-17</span>
| <span id="projectVersion">Version: 0.0.0-SNAPSHOT</span>
</div>
<div class="clear">
Modified: knox/trunk/books/0.5.0/admin_api.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/0.5.0/admin_api.md?rev=1625630&r1=1625629&r2=1625630&view=diff
==============================================================================
--- knox/trunk/books/0.5.0/admin_api.md (original)
+++ knox/trunk/books/0.5.0/admin_api.md Wed Sep 17 15:19:47 2014
@@ -133,7 +133,7 @@ Calls to Knox and return a JSON object t
"role": "authorization"
}, {
"enabled": true,
- "name": "Pseudo",
+ "name": "Default",
"params": {},
"role": "identity-assertion"
}, {
Modified: knox/trunk/books/0.5.0/config_authz.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/0.5.0/config_authz.md?rev=1625630&r1=1625629&r2=1625630&view=diff
==============================================================================
--- knox/trunk/books/0.5.0/config_authz.md (original)
+++ knox/trunk/books/0.5.0/config_authz.md Wed Sep 17 15:19:47 2014
@@ -274,7 +274,7 @@ An example of a full topology that illus
</provider>
<provider>
<role>identity-assertion</role>
- <name>Pseudo</name>
+ <name>Default</name>
<enabled>true</enabled>
<param>
<name>principal.mapping</name>
Modified: knox/trunk/books/0.5.0/config_id_assertion.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/0.5.0/config_id_assertion.md?rev=1625630&r1=1625629&r2=1625630&view=diff
==============================================================================
--- knox/trunk/books/0.5.0/config_id_assertion.md (original)
+++ knox/trunk/books/0.5.0/config_id_assertion.md Wed Sep 17 15:19:47 2014
@@ -24,19 +24,19 @@ The general responsibilities of the iden
2. determine whether it matches any group principal mapping rules and apply
them
3. if it is determined that the principal will be impersonating another
through a principal mapping rule then a Subject.doAS is required in order for
providers farther downstream can determine the appropriate effective principal
name and groups for the user
-The following configuration is required for asserting the users identity to
the Hadoop cluster using Pseudo or Simple "authentication".
+The following configuration is required for asserting the users identity to
the Hadoop cluster using Pseudo or Simple "authentication" and for using
kerberos/SPNEGO for secure clusters.
<provider>
<role>identity-assertion</role>
- <name>Pseudo</name>
+ <name>Default</name>
<enabled>true</enabled>
</provider>
-This particular configuration indicates that the Pseudo identity assertion
provider is enabled and that there are no principal mapping rules to apply to
identities flowing from the authentication in the gateway to the backend Hadoop
cluster services. The primary principal of the current subject will therefore
be asserted via a query paramter or as a form parameter - ie.
?user.name={primaryPrincipal}
+This particular configuration indicates that the Default identity assertion
provider is enabled and that there are no principal mapping rules to apply to
identities flowing from the authentication in the gateway to the backend Hadoop
cluster services. The primary principal of the current subject will therefore
be asserted via a query paramter or as a form parameter - ie.
?user.name={primaryPrincipal}
<provider>
<role>identity-assertion</role>
- <name>Pseudo</name>
+ <name>Default</name>
<enabled>true</enabled>
<param>
<name>principal.mapping</name>
