knox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lmc...@apache.org
Subject svn commit: r1767598 - in /knox: site/books/knox-0-10-0/ site/books/knox-0-9-0/ site/books/knox-0-9-1/ trunk/books/0.10.0/ trunk/books/0.9.0/ trunk/books/0.9.1/
Date Wed, 02 Nov 2016 01:38:50 GMT
Author: lmccay
Date: Wed Nov  2 01:38:50 2016
New Revision: 1767598

URL: http://svn.apache.org/viewvc?rev=1767598&view=rev
Log:
fix formatting

Modified:
    knox/site/books/knox-0-10-0/user-guide.html
    knox/site/books/knox-0-9-0/user-guide.html
    knox/site/books/knox-0-9-1/user-guide.html
    knox/trunk/books/0.10.0/config_hadoop_auth_provider.md
    knox/trunk/books/0.9.0/config_hadoop_auth_provider.md
    knox/trunk/books/0.9.1/config_hadoop_auth_provider.md

Modified: knox/site/books/knox-0-10-0/user-guide.html
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-10-0/user-guide.html?rev=1767598&r1=1767597&r2=1767598&view=diff
==============================================================================
--- knox/site/books/knox-0-10-0/user-guide.html (original)
+++ knox/site/books/knox-0-10-0/user-guide.html Wed Nov  2 01:38:50 2016
@@ -2174,7 +2174,53 @@ APACHE_HOME/bin/apachectl -k stop
       <td>DENY</td>
     </tr>
   </tbody>
-</table><h3><a id="HadoopAuth+Authentication+Provider">HadoopAuth Authentication
Provider</a> <a href="#HadoopAuth+Authentication+Provider"><img src="markbook-section-link.png"/></a></h3><p>The
HadoopAuth authentication provider for Knox integrates the use of the Apache Hadoop module
for SPNEGO and delegation token based authentication. This introduces the same authentication
pattern used across much of the Hadoop ecosystem to Apache Knox and allows clients to using
the strong authentication and SSO capabilities of Kerberos.</p><h4><a id="Configuration">Configuration</a>
<a href="#Configuration"><img src="markbook-section-link.png"/></a></h4><h5><a
id="Overview">Overview</a> <a href="#Overview"><img src="markbook-section-link.png"/></a></h5><p>As
with all providers in the Knox gateway, the HadoopAuth provider is configured through provider
params. The configuration parameters are the same parameters used within Apache Hadoop for
the same capabilities. In this section, we provide an 
 example configuration and description of each of the parameters. We do encourage the reader
to refer to the Hadoop documentation for this as well. (see <a href="http://hadoop.apache.org/docs/current/hadoop-auth/Configuration.html">http://hadoop.apache.org/docs/current/hadoop-auth/Configuration.html</a>)</p><p>One
of the interesting things to note about this configuration is the use of the config.prefix
parameter. In Hadoop there may be multiple components with their own specific configuration
values for these parameters and since they may get mixed into the same Configuration object
- there needs to be a way to identify the component specific values. The config.prefix parameter
is used for this and is prepended to each of the configuration parameters for this provider.
Below, you see an example configuration where the value for config.prefix happens to be &lsquo;hadoop.auth.config&rsquo;.
You will also notice that this same value is prepended to the name of the rest of the configura
 tion parameters.</p><p><provider>  <role>authentication</role>
 <name>HadoopAuth</name>  <enabled>true</enabled>  <param> 
<name>config.prefix</name>  <value>hadoop.auth.config</value>  </param>
 <param>  <name>hadoop.auth.config.signature.secret</name>  <value>knox-signature-secret</value>
 </param>  <param>  <name>hadoop.auth.config.type</name>  <value>kerberos</value>
 </param>  <param>  <name>hadoop.auth.config.simple.anonymous.allowed</name>
 <value>false</value>  </param>  <param>  <name>hadoop.auth.config.token.validity</name>
 <value>1800</value>  </param>  <param>  <name>hadoop.auth.config.cookie.domain</name>
 <value>novalocal</value>  </param>  <param>  <name>hadoop.auth.config.cookie.path</name>
 <value>gateway/default</value>  </param>  <param>  <name>hadoop.auth.config.kerberos.principal</name>
 <value>HTTP/lmccay<a href="mailto:&#x2d;&#107;&#110;&#111;&#x78;&#x66;&#x74;&#45;&#50;&#52;&#x6d;&#x2d;&#114;&#54;-&#x73;e&#99;&#45;1&#x36;&#x30;&#x34;&#50;&#50;-&#49;&#51;&#x3
 2;7&#45;&#50;&#46;&#x6e;&#111;v&#97;loc&#97;&#x6c;&#x40;&#x45;X&#x41;MP&#76;&#69;&#46;&#67;O&#77;&#60;&#47;&#x76;&#x61;&#x6c;&#x75;&#101;">&#x2d;&#107;&#110;&#111;&#x78;&#x66;&#x74;&#45;&#50;&#52;&#x6d;&#x2d;&#114;&#54;-&#x73;e&#99;&#45;1&#x36;&#x30;&#x34;&#50;&#50;-&#49;&#51;&#x32;7&#45;&#50;&#46;&#x6e;&#111;v&#97;loc&#97;&#x6c;&#x40;&#x45;X&#x41;MP&#76;&#69;&#46;&#67;O&#77;&#60;&#47;&#x76;&#x61;&#x6c;&#x75;&#101;</a>
 </param>  <param>  <name>hadoop.auth.config.kerberos.keytab</name>
 <value>/etc/security/keytabs/spnego.service.keytab</value>  </param>  <param>
 <name>hadoop.auth.config.kerberos.name.rules</name>  <value>DEFAULT</value>
 </param>  </provider></p><h4><a id="Descriptions">Descriptions</a>
<a href="#Descriptions"><img src="markbook-section-link.png"/></a></h4><p>The
following tables describes the configuration parameters for the HadoopAuth provider:</p><h6><a
id="Config">Config</a> <a href="#Config"><img src="markbook-section-link.png"/></a></h6>
+</table><h3><a id="HadoopAuth+Authentication+Provider">HadoopAuth Authentication
Provider</a> <a href="#HadoopAuth+Authentication+Provider"><img src="markbook-section-link.png"/></a></h3><p>The
HadoopAuth authentication provider for Knox integrates the use of the Apache Hadoop module
for SPNEGO and delegation token based authentication. This introduces the same authentication
pattern used across much of the Hadoop ecosystem to Apache Knox and allows clients to using
the strong authentication and SSO capabilities of Kerberos.</p><h4><a id="Configuration">Configuration</a>
<a href="#Configuration"><img src="markbook-section-link.png"/></a></h4><h5><a
id="Overview">Overview</a> <a href="#Overview"><img src="markbook-section-link.png"/></a></h5><p>As
with all providers in the Knox gateway, the HadoopAuth provider is configured through provider
params. The configuration parameters are the same parameters used within Apache Hadoop for
the same capabilities. In this section, we provide an 
 example configuration and description of each of the parameters. We do encourage the reader
to refer to the Hadoop documentation for this as well. (see <a href="http://hadoop.apache.org/docs/current/hadoop-auth/Configuration.html">http://hadoop.apache.org/docs/current/hadoop-auth/Configuration.html</a>)</p><p>One
of the interesting things to note about this configuration is the use of the config.prefix
parameter. In Hadoop there may be multiple components with their own specific configuration
values for these parameters and since they may get mixed into the same Configuration object
- there needs to be a way to identify the component specific values. The config.prefix parameter
is used for this and is prepended to each of the configuration parameters for this provider.
Below, you see an example configuration where the value for config.prefix happens to be &lsquo;hadoop.auth.config&rsquo;.
You will also notice that this same value is prepended to the name of the rest of the configura
 tion parameters.</p>
+<pre><code>&lt;provider&gt;
+  &lt;role&gt;authentication&lt;/role&gt;
+  &lt;name&gt;HadoopAuth&lt;/name&gt;
+  &lt;enabled&gt;true&lt;/enabled&gt;
+  &lt;param&gt;
+    &lt;name&gt;config.prefix&lt;/name&gt;
+    &lt;value&gt;hadoop.auth.config&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.signature.secret&lt;/name&gt;
+    &lt;value&gt;knox-signature-secret&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.type&lt;/name&gt;
+    &lt;value&gt;kerberos&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.simple.anonymous.allowed&lt;/name&gt;
+    &lt;value&gt;false&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.token.validity&lt;/name&gt;
+    &lt;value&gt;1800&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.cookie.domain&lt;/name&gt;
+    &lt;value&gt;novalocal&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.cookie.path&lt;/name&gt;
+    &lt;value&gt;gateway/default&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.kerberos.principal&lt;/name&gt;
+    &lt;value&gt;HTTP/lmccay-knoxft-24m-r6-sec-160422-1327-2.novalocal@EXAMPLE.COM&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.kerberos.keytab&lt;/name&gt;
+    &lt;value&gt;/etc/security/keytabs/spnego.service.keytab&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.kerberos.name.rules&lt;/name&gt;
+    &lt;value&gt;DEFAULT&lt;/value&gt;
+  &lt;/param&gt;
+&lt;/provider&gt;
+</code></pre><h4><a id="Descriptions">Descriptions</a> <a
href="#Descriptions"><img src="markbook-section-link.png"/></a></h4><p>The
following tables describes the configuration parameters for the HadoopAuth provider:</p><h6><a
id="Config">Config</a> <a href="#Config"><img src="markbook-section-link.png"/></a></h6>
 <table>
   <thead>
     <tr>

Modified: knox/site/books/knox-0-9-0/user-guide.html
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-9-0/user-guide.html?rev=1767598&r1=1767597&r2=1767598&view=diff
==============================================================================
--- knox/site/books/knox-0-9-0/user-guide.html (original)
+++ knox/site/books/knox-0-9-0/user-guide.html Wed Nov  2 01:38:50 2016
@@ -2174,7 +2174,53 @@ APACHE_HOME/bin/apachectl -k stop
       <td>DENY</td>
     </tr>
   </tbody>
-</table><h3><a id="HadoopAuth+Authentication+Provider">HadoopAuth Authentication
Provider</a> <a href="#HadoopAuth+Authentication+Provider"><img src="markbook-section-link.png"/></a></h3><p>The
HadoopAuth authentication provider for Knox integrates the use of the Apache Hadoop module
for SPNEGO and delegation token based authentication. This introduces the same authentication
pattern used across much of the Hadoop ecosystem to Apache Knox and allows clients to using
the strong authentication and SSO capabilities of Kerberos.</p><h4><a id="Configuration">Configuration</a>
<a href="#Configuration"><img src="markbook-section-link.png"/></a></h4><h5><a
id="Overview">Overview</a> <a href="#Overview"><img src="markbook-section-link.png"/></a></h5><p>As
with all providers in the Knox gateway, the HadoopAuth provider is configured through provider
params. The configuration parameters are the same parameters used within Apache Hadoop for
the same capabilities. In this section, we provide an 
 example configuration and description of each of the parameters. We do encourage the reader
to refer to the Hadoop documentation for this as well. (see <a href="http://hadoop.apache.org/docs/current/hadoop-auth/Configuration.html">http://hadoop.apache.org/docs/current/hadoop-auth/Configuration.html</a>)</p><p>One
of the interesting things to note about this configuration is the use of the config.prefix
parameter. In Hadoop there may be multiple components with their own specific configuration
values for these parameters and since they may get mixed into the same Configuration object
- there needs to be a way to identify the component specific values. The config.prefix parameter
is used for this and is prepended to each of the configuration parameters for this provider.
Below, you see an example configuration where the value for config.prefix happens to be &lsquo;hadoop.auth.config&rsquo;.
You will also notice that this same value is prepended to the name of the rest of the configura
 tion parameters.</p><p><provider>  <role>authentication</role>
 <name>HadoopAuth</name>  <enabled>true</enabled>  <param> 
<name>config.prefix</name>  <value>hadoop.auth.config</value>  </param>
 <param>  <name>hadoop.auth.config.signature.secret</name>  <value>knox-signature-secret</value>
 </param>  <param>  <name>hadoop.auth.config.type</name>  <value>kerberos</value>
 </param>  <param>  <name>hadoop.auth.config.simple.anonymous.allowed</name>
 <value>false</value>  </param>  <param>  <name>hadoop.auth.config.token.validity</name>
 <value>1800</value>  </param>  <param>  <name>hadoop.auth.config.cookie.domain</name>
 <value>novalocal</value>  </param>  <param>  <name>hadoop.auth.config.cookie.path</name>
 <value>gateway/default</value>  </param>  <param>  <name>hadoop.auth.config.kerberos.principal</name>
 <value>HTTP/lmccay<a href="mailto:&#x2d;&#107;&#110;&#111;&#x78;&#x66;&#x74;&#45;&#50;&#52;&#x6d;&#x2d;&#114;&#54;-&#x73;e&#99;&#45;1&#x36;&#x30;&#x34;&#50;&#50;-&#49;&#51;&#x3
 2;7&#45;&#50;&#46;&#x6e;&#111;v&#97;loc&#97;&#x6c;&#x40;&#x45;X&#x41;MP&#76;&#69;&#46;&#67;O&#77;&#60;&#47;&#x76;&#x61;&#x6c;&#x75;&#101;">&#x2d;&#107;&#110;&#111;&#x78;&#x66;&#x74;&#45;&#50;&#52;&#x6d;&#x2d;&#114;&#54;-&#x73;e&#99;&#45;1&#x36;&#x30;&#x34;&#50;&#50;-&#49;&#51;&#x32;7&#45;&#50;&#46;&#x6e;&#111;v&#97;loc&#97;&#x6c;&#x40;&#x45;X&#x41;MP&#76;&#69;&#46;&#67;O&#77;&#60;&#47;&#x76;&#x61;&#x6c;&#x75;&#101;</a>
 </param>  <param>  <name>hadoop.auth.config.kerberos.keytab</name>
 <value>/etc/security/keytabs/spnego.service.keytab</value>  </param>  <param>
 <name>hadoop.auth.config.kerberos.name.rules</name>  <value>DEFAULT</value>
 </param>  </provider></p><h4><a id="Descriptions">Descriptions</a>
<a href="#Descriptions"><img src="markbook-section-link.png"/></a></h4><p>The
following tables describes the configuration parameters for the HadoopAuth provider:</p><h6><a
id="Config">Config</a> <a href="#Config"><img src="markbook-section-link.png"/></a></h6>
+</table><h3><a id="HadoopAuth+Authentication+Provider">HadoopAuth Authentication
Provider</a> <a href="#HadoopAuth+Authentication+Provider"><img src="markbook-section-link.png"/></a></h3><p>The
HadoopAuth authentication provider for Knox integrates the use of the Apache Hadoop module
for SPNEGO and delegation token based authentication. This introduces the same authentication
pattern used across much of the Hadoop ecosystem to Apache Knox and allows clients to using
the strong authentication and SSO capabilities of Kerberos.</p><h4><a id="Configuration">Configuration</a>
<a href="#Configuration"><img src="markbook-section-link.png"/></a></h4><h5><a
id="Overview">Overview</a> <a href="#Overview"><img src="markbook-section-link.png"/></a></h5><p>As
with all providers in the Knox gateway, the HadoopAuth provider is configured through provider
params. The configuration parameters are the same parameters used within Apache Hadoop for
the same capabilities. In this section, we provide an 
 example configuration and description of each of the parameters. We do encourage the reader
to refer to the Hadoop documentation for this as well. (see <a href="http://hadoop.apache.org/docs/current/hadoop-auth/Configuration.html">http://hadoop.apache.org/docs/current/hadoop-auth/Configuration.html</a>)</p><p>One
of the interesting things to note about this configuration is the use of the config.prefix
parameter. In Hadoop there may be multiple components with their own specific configuration
values for these parameters and since they may get mixed into the same Configuration object
- there needs to be a way to identify the component specific values. The config.prefix parameter
is used for this and is prepended to each of the configuration parameters for this provider.
Below, you see an example configuration where the value for config.prefix happens to be &lsquo;hadoop.auth.config&rsquo;.
You will also notice that this same value is prepended to the name of the rest of the configura
 tion parameters.</p>
+<pre><code>&lt;provider&gt;
+  &lt;role&gt;authentication&lt;/role&gt;
+  &lt;name&gt;HadoopAuth&lt;/name&gt;
+  &lt;enabled&gt;true&lt;/enabled&gt;
+  &lt;param&gt;
+    &lt;name&gt;config.prefix&lt;/name&gt;
+    &lt;value&gt;hadoop.auth.config&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.signature.secret&lt;/name&gt;
+    &lt;value&gt;knox-signature-secret&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.type&lt;/name&gt;
+    &lt;value&gt;kerberos&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.simple.anonymous.allowed&lt;/name&gt;
+    &lt;value&gt;false&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.token.validity&lt;/name&gt;
+    &lt;value&gt;1800&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.cookie.domain&lt;/name&gt;
+    &lt;value&gt;novalocal&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.cookie.path&lt;/name&gt;
+    &lt;value&gt;gateway/default&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.kerberos.principal&lt;/name&gt;
+    &lt;value&gt;HTTP/lmccay-knoxft-24m-r6-sec-160422-1327-2.novalocal@EXAMPLE.COM&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.kerberos.keytab&lt;/name&gt;
+    &lt;value&gt;/etc/security/keytabs/spnego.service.keytab&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.kerberos.name.rules&lt;/name&gt;
+    &lt;value&gt;DEFAULT&lt;/value&gt;
+  &lt;/param&gt;
+&lt;/provider&gt;
+</code></pre><h4><a id="Descriptions">Descriptions</a> <a
href="#Descriptions"><img src="markbook-section-link.png"/></a></h4><p>The
following tables describes the configuration parameters for the HadoopAuth provider:</p><h6><a
id="Config">Config</a> <a href="#Config"><img src="markbook-section-link.png"/></a></h6>
 <table>
   <thead>
     <tr>

Modified: knox/site/books/knox-0-9-1/user-guide.html
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-9-1/user-guide.html?rev=1767598&r1=1767597&r2=1767598&view=diff
==============================================================================
--- knox/site/books/knox-0-9-1/user-guide.html (original)
+++ knox/site/books/knox-0-9-1/user-guide.html Wed Nov  2 01:38:50 2016
@@ -2174,7 +2174,53 @@ APACHE_HOME/bin/apachectl -k stop
       <td>DENY</td>
     </tr>
   </tbody>
-</table><h3><a id="HadoopAuth+Authentication+Provider">HadoopAuth Authentication
Provider</a> <a href="#HadoopAuth+Authentication+Provider"><img src="markbook-section-link.png"/></a></h3><p>The
HadoopAuth authentication provider for Knox integrates the use of the Apache Hadoop module
for SPNEGO and delegation token based authentication. This introduces the same authentication
pattern used across much of the Hadoop ecosystem to Apache Knox and allows clients to using
the strong authentication and SSO capabilities of Kerberos.</p><h4><a id="Configuration">Configuration</a>
<a href="#Configuration"><img src="markbook-section-link.png"/></a></h4><h5><a
id="Overview">Overview</a> <a href="#Overview"><img src="markbook-section-link.png"/></a></h5><p>As
with all providers in the Knox gateway, the HadoopAuth provider is configured through provider
params. The configuration parameters are the same parameters used within Apache Hadoop for
the same capabilities. In this section, we provide an 
 example configuration and description of each of the parameters. We do encourage the reader
to refer to the Hadoop documentation for this as well. (see <a href="http://hadoop.apache.org/docs/current/hadoop-auth/Configuration.html">http://hadoop.apache.org/docs/current/hadoop-auth/Configuration.html</a>)</p><p>One
of the interesting things to note about this configuration is the use of the config.prefix
parameter. In Hadoop there may be multiple components with their own specific configuration
values for these parameters and since they may get mixed into the same Configuration object
- there needs to be a way to identify the component specific values. The config.prefix parameter
is used for this and is prepended to each of the configuration parameters for this provider.
Below, you see an example configuration where the value for config.prefix happens to be &lsquo;hadoop.auth.config&rsquo;.
You will also notice that this same value is prepended to the name of the rest of the configura
 tion parameters.</p><p><provider>  <role>authentication</role>
 <name>HadoopAuth</name>  <enabled>true</enabled>  <param> 
<name>config.prefix</name>  <value>hadoop.auth.config</value>  </param>
 <param>  <name>hadoop.auth.config.signature.secret</name>  <value>knox-signature-secret</value>
 </param>  <param>  <name>hadoop.auth.config.type</name>  <value>kerberos</value>
 </param>  <param>  <name>hadoop.auth.config.simple.anonymous.allowed</name>
 <value>false</value>  </param>  <param>  <name>hadoop.auth.config.token.validity</name>
 <value>1800</value>  </param>  <param>  <name>hadoop.auth.config.cookie.domain</name>
 <value>novalocal</value>  </param>  <param>  <name>hadoop.auth.config.cookie.path</name>
 <value>gateway/default</value>  </param>  <param>  <name>hadoop.auth.config.kerberos.principal</name>
 <value>HTTP/lmccay<a href="mailto:&#x2d;&#107;&#110;&#111;&#x78;&#x66;&#x74;&#45;&#50;&#52;&#x6d;&#x2d;&#114;&#54;-&#x73;e&#99;&#45;1&#x36;&#x30;&#x34;&#50;&#50;-&#49;&#51;&#x3
 2;7&#45;&#50;&#46;&#x6e;&#111;v&#97;loc&#97;&#x6c;&#x40;&#x45;X&#x41;MP&#76;&#69;&#46;&#67;O&#77;&#60;&#47;&#x76;&#x61;&#x6c;&#x75;&#101;">&#x2d;&#107;&#110;&#111;&#x78;&#x66;&#x74;&#45;&#50;&#52;&#x6d;&#x2d;&#114;&#54;-&#x73;e&#99;&#45;1&#x36;&#x30;&#x34;&#50;&#50;-&#49;&#51;&#x32;7&#45;&#50;&#46;&#x6e;&#111;v&#97;loc&#97;&#x6c;&#x40;&#x45;X&#x41;MP&#76;&#69;&#46;&#67;O&#77;&#60;&#47;&#x76;&#x61;&#x6c;&#x75;&#101;</a>
 </param>  <param>  <name>hadoop.auth.config.kerberos.keytab</name>
 <value>/etc/security/keytabs/spnego.service.keytab</value>  </param>  <param>
 <name>hadoop.auth.config.kerberos.name.rules</name>  <value>DEFAULT</value>
 </param>  </provider></p><h4><a id="Descriptions">Descriptions</a>
<a href="#Descriptions"><img src="markbook-section-link.png"/></a></h4><p>The
following tables describes the configuration parameters for the HadoopAuth provider:</p><h6><a
id="Config">Config</a> <a href="#Config"><img src="markbook-section-link.png"/></a></h6>
+</table><h3><a id="HadoopAuth+Authentication+Provider">HadoopAuth Authentication
Provider</a> <a href="#HadoopAuth+Authentication+Provider"><img src="markbook-section-link.png"/></a></h3><p>The
HadoopAuth authentication provider for Knox integrates the use of the Apache Hadoop module
for SPNEGO and delegation token based authentication. This introduces the same authentication
pattern used across much of the Hadoop ecosystem to Apache Knox and allows clients to using
the strong authentication and SSO capabilities of Kerberos.</p><h4><a id="Configuration">Configuration</a>
<a href="#Configuration"><img src="markbook-section-link.png"/></a></h4><h5><a
id="Overview">Overview</a> <a href="#Overview"><img src="markbook-section-link.png"/></a></h5><p>As
with all providers in the Knox gateway, the HadoopAuth provider is configured through provider
params. The configuration parameters are the same parameters used within Apache Hadoop for
the same capabilities. In this section, we provide an 
 example configuration and description of each of the parameters. We do encourage the reader
to refer to the Hadoop documentation for this as well. (see <a href="http://hadoop.apache.org/docs/current/hadoop-auth/Configuration.html">http://hadoop.apache.org/docs/current/hadoop-auth/Configuration.html</a>)</p><p>One
of the interesting things to note about this configuration is the use of the config.prefix
parameter. In Hadoop there may be multiple components with their own specific configuration
values for these parameters and since they may get mixed into the same Configuration object
- there needs to be a way to identify the component specific values. The config.prefix parameter
is used for this and is prepended to each of the configuration parameters for this provider.
Below, you see an example configuration where the value for config.prefix happens to be &lsquo;hadoop.auth.config&rsquo;.
You will also notice that this same value is prepended to the name of the rest of the configura
 tion parameters.</p>
+<pre><code>&lt;provider&gt;
+  &lt;role&gt;authentication&lt;/role&gt;
+  &lt;name&gt;HadoopAuth&lt;/name&gt;
+  &lt;enabled&gt;true&lt;/enabled&gt;
+  &lt;param&gt;
+    &lt;name&gt;config.prefix&lt;/name&gt;
+    &lt;value&gt;hadoop.auth.config&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.signature.secret&lt;/name&gt;
+    &lt;value&gt;knox-signature-secret&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.type&lt;/name&gt;
+    &lt;value&gt;kerberos&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.simple.anonymous.allowed&lt;/name&gt;
+    &lt;value&gt;false&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.token.validity&lt;/name&gt;
+    &lt;value&gt;1800&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.cookie.domain&lt;/name&gt;
+    &lt;value&gt;novalocal&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.cookie.path&lt;/name&gt;
+    &lt;value&gt;gateway/default&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.kerberos.principal&lt;/name&gt;
+    &lt;value&gt;HTTP/lmccay-knoxft-24m-r6-sec-160422-1327-2.novalocal@EXAMPLE.COM&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.kerberos.keytab&lt;/name&gt;
+    &lt;value&gt;/etc/security/keytabs/spnego.service.keytab&lt;/value&gt;
+  &lt;/param&gt;
+  &lt;param&gt;
+    &lt;name&gt;hadoop.auth.config.kerberos.name.rules&lt;/name&gt;
+    &lt;value&gt;DEFAULT&lt;/value&gt;
+  &lt;/param&gt;
+&lt;/provider&gt;
+</code></pre><h4><a id="Descriptions">Descriptions</a> <a
href="#Descriptions"><img src="markbook-section-link.png"/></a></h4><p>The
following tables describes the configuration parameters for the HadoopAuth provider:</p><h6><a
id="Config">Config</a> <a href="#Config"><img src="markbook-section-link.png"/></a></h6>
 <table>
   <thead>
     <tr>

Modified: knox/trunk/books/0.10.0/config_hadoop_auth_provider.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/0.10.0/config_hadoop_auth_provider.md?rev=1767598&r1=1767597&r2=1767598&view=diff
==============================================================================
--- knox/trunk/books/0.10.0/config_hadoop_auth_provider.md (original)
+++ knox/trunk/books/0.10.0/config_hadoop_auth_provider.md Wed Nov  2 01:38:50 2016
@@ -24,51 +24,51 @@ As with all providers in the Knox gatewa
 
 One of the interesting things to note about this configuration is the use of the config.prefix
parameter. In Hadoop there may be multiple components with their own specific configuration
values for these parameters and since they may get mixed into the same Configuration object
- there needs to be a way to identify the component specific values. The config.prefix parameter
is used for this and is prepended to each of the configuration parameters for this provider.
Below, you see an example configuration where the value for config.prefix happens to be 'hadoop.auth.config'.
You will also notice that this same value is prepended to the name of the rest of the configuration
parameters.
 
-  <provider>
-    <role>authentication</role>
-    <name>HadoopAuth</name>
-    <enabled>true</enabled>
-    <param>
-      <name>config.prefix</name>
-      <value>hadoop.auth.config</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.signature.secret</name>
-      <value>knox-signature-secret</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.type</name>
-      <value>kerberos</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.simple.anonymous.allowed</name>
-      <value>false</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.token.validity</name>
-      <value>1800</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.cookie.domain</name>
-      <value>novalocal</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.cookie.path</name>
-      <value>gateway/default</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.kerberos.principal</name>
-      <value>HTTP/lmccay-knoxft-24m-r6-sec-160422-1327-2.novalocal@EXAMPLE.COM</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.kerberos.keytab</name>
-      <value>/etc/security/keytabs/spnego.service.keytab</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.kerberos.name.rules</name>
-      <value>DEFAULT</value>
-    </param>
-  </provider>
+    <provider>
+      <role>authentication</role>
+      <name>HadoopAuth</name>
+      <enabled>true</enabled>
+      <param>
+        <name>config.prefix</name>
+        <value>hadoop.auth.config</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.signature.secret</name>
+        <value>knox-signature-secret</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.type</name>
+        <value>kerberos</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.simple.anonymous.allowed</name>
+        <value>false</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.token.validity</name>
+        <value>1800</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.cookie.domain</name>
+        <value>novalocal</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.cookie.path</name>
+        <value>gateway/default</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.kerberos.principal</name>
+        <value>HTTP/lmccay-knoxft-24m-r6-sec-160422-1327-2.novalocal@EXAMPLE.COM</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.kerberos.keytab</name>
+        <value>/etc/security/keytabs/spnego.service.keytab</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.kerberos.name.rules</name>
+        <value>DEFAULT</value>
+      </param>
+    </provider>
   
 
 #### Descriptions ####

Modified: knox/trunk/books/0.9.0/config_hadoop_auth_provider.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/0.9.0/config_hadoop_auth_provider.md?rev=1767598&r1=1767597&r2=1767598&view=diff
==============================================================================
--- knox/trunk/books/0.9.0/config_hadoop_auth_provider.md (original)
+++ knox/trunk/books/0.9.0/config_hadoop_auth_provider.md Wed Nov  2 01:38:50 2016
@@ -24,51 +24,51 @@ As with all providers in the Knox gatewa
 
 One of the interesting things to note about this configuration is the use of the config.prefix
parameter. In Hadoop there may be multiple components with their own specific configuration
values for these parameters and since they may get mixed into the same Configuration object
- there needs to be a way to identify the component specific values. The config.prefix parameter
is used for this and is prepended to each of the configuration parameters for this provider.
Below, you see an example configuration where the value for config.prefix happens to be 'hadoop.auth.config'.
You will also notice that this same value is prepended to the name of the rest of the configuration
parameters.
 
-  <provider>
-    <role>authentication</role>
-    <name>HadoopAuth</name>
-    <enabled>true</enabled>
-    <param>
-      <name>config.prefix</name>
-      <value>hadoop.auth.config</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.signature.secret</name>
-      <value>knox-signature-secret</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.type</name>
-      <value>kerberos</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.simple.anonymous.allowed</name>
-      <value>false</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.token.validity</name>
-      <value>1800</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.cookie.domain</name>
-      <value>novalocal</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.cookie.path</name>
-      <value>gateway/default</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.kerberos.principal</name>
-      <value>HTTP/lmccay-knoxft-24m-r6-sec-160422-1327-2.novalocal@EXAMPLE.COM</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.kerberos.keytab</name>
-      <value>/etc/security/keytabs/spnego.service.keytab</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.kerberos.name.rules</name>
-      <value>DEFAULT</value>
-    </param>
-  </provider>
+    <provider>
+      <role>authentication</role>
+      <name>HadoopAuth</name>
+      <enabled>true</enabled>
+      <param>
+        <name>config.prefix</name>
+        <value>hadoop.auth.config</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.signature.secret</name>
+        <value>knox-signature-secret</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.type</name>
+        <value>kerberos</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.simple.anonymous.allowed</name>
+        <value>false</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.token.validity</name>
+        <value>1800</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.cookie.domain</name>
+        <value>novalocal</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.cookie.path</name>
+        <value>gateway/default</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.kerberos.principal</name>
+        <value>HTTP/lmccay-knoxft-24m-r6-sec-160422-1327-2.novalocal@EXAMPLE.COM</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.kerberos.keytab</name>
+        <value>/etc/security/keytabs/spnego.service.keytab</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.kerberos.name.rules</name>
+        <value>DEFAULT</value>
+      </param>
+    </provider>
   
 
 #### Descriptions ####

Modified: knox/trunk/books/0.9.1/config_hadoop_auth_provider.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/0.9.1/config_hadoop_auth_provider.md?rev=1767598&r1=1767597&r2=1767598&view=diff
==============================================================================
--- knox/trunk/books/0.9.1/config_hadoop_auth_provider.md (original)
+++ knox/trunk/books/0.9.1/config_hadoop_auth_provider.md Wed Nov  2 01:38:50 2016
@@ -24,51 +24,51 @@ As with all providers in the Knox gatewa
 
 One of the interesting things to note about this configuration is the use of the config.prefix
parameter. In Hadoop there may be multiple components with their own specific configuration
values for these parameters and since they may get mixed into the same Configuration object
- there needs to be a way to identify the component specific values. The config.prefix parameter
is used for this and is prepended to each of the configuration parameters for this provider.
Below, you see an example configuration where the value for config.prefix happens to be 'hadoop.auth.config'.
You will also notice that this same value is prepended to the name of the rest of the configuration
parameters.
 
-  <provider>
-    <role>authentication</role>
-    <name>HadoopAuth</name>
-    <enabled>true</enabled>
-    <param>
-      <name>config.prefix</name>
-      <value>hadoop.auth.config</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.signature.secret</name>
-      <value>knox-signature-secret</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.type</name>
-      <value>kerberos</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.simple.anonymous.allowed</name>
-      <value>false</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.token.validity</name>
-      <value>1800</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.cookie.domain</name>
-      <value>novalocal</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.cookie.path</name>
-      <value>gateway/default</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.kerberos.principal</name>
-      <value>HTTP/lmccay-knoxft-24m-r6-sec-160422-1327-2.novalocal@EXAMPLE.COM</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.kerberos.keytab</name>
-      <value>/etc/security/keytabs/spnego.service.keytab</value>
-    </param>
-    <param>
-      <name>hadoop.auth.config.kerberos.name.rules</name>
-      <value>DEFAULT</value>
-    </param>
-  </provider>
+    <provider>
+      <role>authentication</role>
+      <name>HadoopAuth</name>
+      <enabled>true</enabled>
+      <param>
+        <name>config.prefix</name>
+        <value>hadoop.auth.config</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.signature.secret</name>
+        <value>knox-signature-secret</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.type</name>
+        <value>kerberos</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.simple.anonymous.allowed</name>
+        <value>false</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.token.validity</name>
+        <value>1800</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.cookie.domain</name>
+        <value>novalocal</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.cookie.path</name>
+        <value>gateway/default</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.kerberos.principal</name>
+        <value>HTTP/lmccay-knoxft-24m-r6-sec-160422-1327-2.novalocal@EXAMPLE.COM</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.kerberos.keytab</name>
+        <value>/etc/security/keytabs/spnego.service.keytab</value>
+      </param>
+      <param>
+        <name>hadoop.auth.config.kerberos.name.rules</name>
+        <value>DEFAULT</value>
+      </param>
+    </provider>
   
 
 #### Descriptions ####




Mime
View raw message