knox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lmc...@apache.org
Subject svn commit: r1774114 - in /knox: site/books/knox-0-11-0/user-guide.html trunk/books/0.11.0/config_knox_sso.md
Date Tue, 13 Dec 2016 23:10:17 GMT
Author: lmccay
Date: Tue Dec 13 23:10:16 2016
New Revision: 1774114

URL: http://svn.apache.org/viewvc?rev=1774114&view=rev
Log:
KNOX-795 added configuration docs for knoxsso.cookie.name

Modified:
    knox/site/books/knox-0-11-0/user-guide.html
    knox/trunk/books/0.11.0/config_knox_sso.md

Modified: knox/site/books/knox-0-11-0/user-guide.html
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-11-0/user-guide.html?rev=1774114&r1=1774113&r2=1774114&view=diff
==============================================================================
--- knox/site/books/knox-0-11-0/user-guide.html (original)
+++ knox/site/books/knox-0-11-0/user-guide.html Tue Dec 13 23:10:16 2016
@@ -2630,6 +2630,11 @@ APACHE_HOME/bin/apachectl -k stop
   </thead>
   <tbody>
     <tr>
+      <td>knoxsso.cookie.name </td>
+      <td>This optional setting allows the admin to set the name of the sso cookie
to use to represent a successful authentication event. </td>
+      <td>hadoop-jwt</td>
+    </tr>
+    <tr>
       <td>knoxsso.cookie.secure.only </td>
       <td>This determines whether the browser is allowed to send the cookie over unsecured
channels. This should always be set to true in production systems. If during development a
relying party is not running ssl then you can turn this off. Running with it off exposes the
cookie and underlying token for capture and replay by others. </td>
       <td>true</td>

Modified: knox/trunk/books/0.11.0/config_knox_sso.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/0.11.0/config_knox_sso.md?rev=1774114&r1=1774113&r2=1774114&view=diff
==============================================================================
--- knox/trunk/books/0.11.0/config_knox_sso.md (original)
+++ knox/trunk/books/0.11.0/config_knox_sso.md Tue Dec 13 23:10:16 2016
@@ -32,6 +32,7 @@ This URL is needed when configuring appl
 
 Parameter                        | Description | Default
 -------------------------------- |------------ |----------- 
+knoxsso.cookie.name       | This optional setting allows the admin to set the name of the
sso cookie to use to represent a successful authentication event. | hadoop-jwt
 knoxsso.cookie.secure.only       | This determines whether the browser is allowed to send
the cookie over unsecured channels. This should always be set to true in production systems.
If during development a relying party is not running ssl then you can turn this off. Running
with it off exposes the cookie and underlying token for capture and replay by others. | true
 knoxsso.cookie.max.age           | optional: This indicates that a cookie can only live for
a specified amount of time - in seconds. This should probably be left to the default which
makes it a session cookie. Session cookies are discarded once the browser session is closed.
| session
 knoxsso.cookie.domain.suffix     | optional: This indicates the portion of the request hostname
that represents the domain to be used for the cookie domain. For single host development scenarios
the default behavior should be fine. For production deployments, the expected domain should
be set and all configured URLs that are related to SSO should use this domain. Otherwise,
the cookie will not be presented by the browser to mismatched URLs. | Default cookie domain
or a domain derived from a hostname that includes more than 2 dots.



Mime
View raw message