Author: lmccay Date: Tue Dec 13 23:10:16 2016 New Revision: 1774114 URL: http://svn.apache.org/viewvc?rev=1774114&view=rev Log: KNOX-795 added configuration docs for knoxsso.cookie.name
Modified: knox/site/books/knox-0-11-0/user-guide.html knox/trunk/books/0.11.0/config_knox_sso.md Modified: knox/site/books/knox-0-11-0/user-guide.html URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-11-0/user-guide.html?rev=1774114&r1=1774113&r2=1774114&view=diff ============================================================================== --- knox/site/books/knox-0-11-0/user-guide.html (original) +++ knox/site/books/knox-0-11-0/user-guide.html Tue Dec 13 23:10:16 2016 @@ -2630,6 +2630,11 @@ APACHE_HOME/bin/apachectl -k stop </thead> <tbody> <tr> + <td>knoxsso.cookie.name </td> + <td>This optional setting allows the admin to set the name of the sso cookie to use to represent a successful authentication event. </td> + <td>hadoop-jwt</td> + </tr> + <tr> <td>knoxsso.cookie.secure.only </td> <td>This determines whether the browser is allowed to send the cookie over unsecured channels. This should always be set to true in production systems. If during development a relying party is not running ssl then you can turn this off. Running with it off exposes the cookie and underlying token for capture and replay by others. </td> <td>true</td> Modified: knox/trunk/books/0.11.0/config_knox_sso.md URL: http://svn.apache.org/viewvc/knox/trunk/books/0.11.0/config_knox_sso.md?rev=1774114&r1=1774113&r2=1774114&view=diff ============================================================================== --- knox/trunk/books/0.11.0/config_knox_sso.md (original) +++ knox/trunk/books/0.11.0/config_knox_sso.md Tue Dec 13 23:10:16 2016 @@ -32,6 +32,7 @@ This URL is needed when configuring appl Parameter | Description | Default -------------------------------- |------------ |----------- +knoxsso.cookie.name | This optional setting allows the admin to set the name of the sso cookie to use to represent a successful authentication event. | hadoop-jwt knoxsso.cookie.secure.only | This determines whether the browser is allowed to send the cookie over unsecured channels. This should always be set to true in production systems. If during development a relying party is not running ssl then you can turn this off. Running with it off exposes the cookie and underlying token for capture and replay by others. | true knoxsso.cookie.max.age | optional: This indicates that a cookie can only live for a specified amount of time - in seconds. This should probably be left to the default which makes it a session cookie. Session cookies are discarded once the browser session is closed. | session knoxsso.cookie.domain.suffix | optional: This indicates the portion of the request hostname that represents the domain to be used for the cookie domain. For single host development scenarios the default behavior should be fine. For production deployments, the expected domain should be set and all configured URLs that are related to SSO should use this domain. Otherwise, the cookie will not be presented by the browser to mismatched URLs. | Default cookie domain or a domain derived from a hostname that includes more than 2 dots.