knox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lmc...@apache.org
Subject svn commit: r1787121 - in /knox: site/index.html site/issue-tracking.html site/license.html site/mail-lists.html site/project-info.html site/team-list.html trunk/books/0.12.0/config_knox_token.md
Date Thu, 16 Mar 2017 05:20:08 GMT
Author: lmccay
Date: Thu Mar 16 05:20:08 2017
New Revision: 1787121

URL: http://svn.apache.org/viewvc?rev=1787121&view=rev
Log:
adding docs for KnoxToken service to 0.12.0

Added:
    knox/trunk/books/0.12.0/config_knox_token.md
Modified:
    knox/site/index.html
    knox/site/issue-tracking.html
    knox/site/license.html
    knox/site/mail-lists.html
    knox/site/project-info.html
    knox/site/team-list.html

Modified: knox/site/index.html
URL: http://svn.apache.org/viewvc/knox/site/index.html?rev=1787121&r1=1787120&r2=1787121&view=diff
==============================================================================
--- knox/site/index.html (original)
+++ knox/site/index.html Thu Mar 16 05:20:08 2017
@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!--
- | Generated by Apache Maven Doxia at 2017-02-28
+ | Generated by Apache Maven Doxia at 2017-03-16
  | Rendered using Apache Maven Fluido Skin 1.3.0
 -->
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <meta name="Date-Revision-yyyymmdd" content="20170228" />
+    <meta name="Date-Revision-yyyymmdd" content="20170316" />
     <meta http-equiv="Content-Language" content="en" />
     <title>Knox Gateway &#x2013; REST API Gateway for the Apache Hadoop Ecosystem</title>
     <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
               
                 
                     
-                  <li id="publishDate" class="pull-right">Last Published: 2017-02-28</li>

+                  <li id="publishDate" class="pull-right">Last Published: 2017-03-16</li>

             
                             </ul>
       </div>

Modified: knox/site/issue-tracking.html
URL: http://svn.apache.org/viewvc/knox/site/issue-tracking.html?rev=1787121&r1=1787120&r2=1787121&view=diff
==============================================================================
--- knox/site/issue-tracking.html (original)
+++ knox/site/issue-tracking.html Thu Mar 16 05:20:08 2017
@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!--
- | Generated by Apache Maven Doxia at 2017-02-28
+ | Generated by Apache Maven Doxia at 2017-03-16
  | Rendered using Apache Maven Fluido Skin 1.3.0
 -->
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <meta name="Date-Revision-yyyymmdd" content="20170228" />
+    <meta name="Date-Revision-yyyymmdd" content="20170316" />
     <meta http-equiv="Content-Language" content="en" />
     <title>Knox Gateway &#x2013; Issue Tracking</title>
     <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
               
                 
                     
-                  <li id="publishDate" class="pull-right">Last Published: 2017-02-28</li>

+                  <li id="publishDate" class="pull-right">Last Published: 2017-03-16</li>

             
                             </ul>
       </div>

Modified: knox/site/license.html
URL: http://svn.apache.org/viewvc/knox/site/license.html?rev=1787121&r1=1787120&r2=1787121&view=diff
==============================================================================
--- knox/site/license.html (original)
+++ knox/site/license.html Thu Mar 16 05:20:08 2017
@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!--
- | Generated by Apache Maven Doxia at 2017-02-28
+ | Generated by Apache Maven Doxia at 2017-03-16
  | Rendered using Apache Maven Fluido Skin 1.3.0
 -->
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <meta name="Date-Revision-yyyymmdd" content="20170228" />
+    <meta name="Date-Revision-yyyymmdd" content="20170316" />
     <meta http-equiv="Content-Language" content="en" />
     <title>Knox Gateway &#x2013; Project License</title>
     <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
               
                 
                     
-                  <li id="publishDate" class="pull-right">Last Published: 2017-02-28</li>

+                  <li id="publishDate" class="pull-right">Last Published: 2017-03-16</li>

             
                             </ul>
       </div>

Modified: knox/site/mail-lists.html
URL: http://svn.apache.org/viewvc/knox/site/mail-lists.html?rev=1787121&r1=1787120&r2=1787121&view=diff
==============================================================================
--- knox/site/mail-lists.html (original)
+++ knox/site/mail-lists.html Thu Mar 16 05:20:08 2017
@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!--
- | Generated by Apache Maven Doxia at 2017-02-28
+ | Generated by Apache Maven Doxia at 2017-03-16
  | Rendered using Apache Maven Fluido Skin 1.3.0
 -->
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <meta name="Date-Revision-yyyymmdd" content="20170228" />
+    <meta name="Date-Revision-yyyymmdd" content="20170316" />
     <meta http-equiv="Content-Language" content="en" />
     <title>Knox Gateway &#x2013; Project Mailing Lists</title>
     <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
               
                 
                     
-                  <li id="publishDate" class="pull-right">Last Published: 2017-02-28</li>

+                  <li id="publishDate" class="pull-right">Last Published: 2017-03-16</li>

             
                             </ul>
       </div>

Modified: knox/site/project-info.html
URL: http://svn.apache.org/viewvc/knox/site/project-info.html?rev=1787121&r1=1787120&r2=1787121&view=diff
==============================================================================
--- knox/site/project-info.html (original)
+++ knox/site/project-info.html Thu Mar 16 05:20:08 2017
@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!--
- | Generated by Apache Maven Doxia at 2017-02-28
+ | Generated by Apache Maven Doxia at 2017-03-16
  | Rendered using Apache Maven Fluido Skin 1.3.0
 -->
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <meta name="Date-Revision-yyyymmdd" content="20170228" />
+    <meta name="Date-Revision-yyyymmdd" content="20170316" />
     <meta http-equiv="Content-Language" content="en" />
     <title>Knox Gateway &#x2013; Project Information</title>
     <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
               
                 
                     
-                  <li id="publishDate" class="pull-right">Last Published: 2017-02-28</li>

+                  <li id="publishDate" class="pull-right">Last Published: 2017-03-16</li>

             
                             </ul>
       </div>

Modified: knox/site/team-list.html
URL: http://svn.apache.org/viewvc/knox/site/team-list.html?rev=1787121&r1=1787120&r2=1787121&view=diff
==============================================================================
--- knox/site/team-list.html (original)
+++ knox/site/team-list.html Thu Mar 16 05:20:08 2017
@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!--
- | Generated by Apache Maven Doxia at 2017-02-28
+ | Generated by Apache Maven Doxia at 2017-03-16
  | Rendered using Apache Maven Fluido Skin 1.3.0
 -->
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <meta name="Date-Revision-yyyymmdd" content="20170228" />
+    <meta name="Date-Revision-yyyymmdd" content="20170316" />
     <meta http-equiv="Content-Language" content="en" />
     <title>Knox Gateway &#x2013; Team list</title>
     <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
               
                 
                     
-                  <li id="publishDate" class="pull-right">Last Published: 2017-02-28</li>

+                  <li id="publishDate" class="pull-right">Last Published: 2017-03-16</li>

             
                             </ul>
       </div>

Added: knox/trunk/books/0.12.0/config_knox_token.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/0.12.0/config_knox_token.md?rev=1787121&view=auto
==============================================================================
--- knox/trunk/books/0.12.0/config_knox_token.md (added)
+++ knox/trunk/books/0.12.0/config_knox_token.md Thu Mar 16 05:20:08 2017
@@ -0,0 +1,43 @@
+## KnoxToken Configuration
+
+### Introduction
+---
+
+The Knox Token Service enables the ability for clients to acquire the same JWT token that
is used for KnoxSSO with WebSSO flows for UIs to be used for accessing REST APIs. By acquiring
the token and setting it as a Bearer token on a request, a client is able to access REST APIs
that are protected with the JWTProvider federation provider.
+
+This section describes the overall setup requirements and options for KnoxToken service.
+
+### KnoxToken service
+The Knox Token Service configuration can be configured in any topology and be tailored to
issue tokens to authenticated users and constrain the usage of the tokens in a number of ways.
+
+    <service>
+       <role>KNOXTOKEN</role>
+       <param>
+          <name>knox.token.ttl</name>
+          <value>36000000</value>
+       </param>
+       <param>
+          <name>knox.token.audiences</name>
+          <value>tokenbased</value>
+       </param>
+       <param>
+          <name>knox.token.target.url</name>
+          <value>https://localhost:8443/gateway/tokenbased</value>
+       </param>
+    </service>
+
+#### KnoxToken Configuration Parameters
+
+Parameter                        | Description | Default
+-------------------------------- |------------ |----------- 
+knox.token.ttl                | This indicates the lifespan of the token. Once it expires
a new token must be acquired from KnoxToken service. This is in milliseconds. The 36000000
in the topology above gives you 10 hrs. | 30000 That is 30 seconds.
+knox.token.audiences          | This is a comma separated list of audiences to add to the
JWT token. This is used to ensure that a token received by a participating application knows
that the token was intended for use with that application. It is optional. In the event that
an endpoint has expected audiences and they are not present the token must be rejected. In
the event where the token has audiences and the endpoint has none expected then the token
is accepted.| empty
+knox.token.target.url         | This is an optional configuration parameter to indicate the
intended endpoint for which the token may be used. The KnoxShell token credential collector
can pull this URL from a knoxtokencache file to be used in scripts. This eliminates the need
to prompt for or hardcode endpoints in your scripts. | n/a
+
+Adding the KnoxToken configuration show above to a topology that is protected with the ShrioProvider
is a very simple and effective way to expose an endpoint from which a Knox token can be requested.
Once it is acquired it may be used to access resources at intended endpoints until it expires.
+
+The following curl example shows how to add a bearer token to an Authorization header:
+
+    curl -ivku guest:guest-password -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJndWVzdCIsImF1ZCI6InRva2VuYmFzZWQiLCJpc3MiOiJLTk9YU1NPIiwiZXhwIjoxNDg5OTI3MTM1fQ.HFxcUtg1Id9t7HOjHkxXsfZE1jB1nd2g9l71cFsgWvT3nsrIuHOzfFdhQwQYsrPqA5h2VZ1UuqOqajI0e_gCOlwoslm3ZD9xMkU2g2qGG81Ao3vvmaaLs8EE0_VuFq5ZHt08ls3oyzjWUKlb2VSrNOjzWjHyoHi_k2M04r9grp8"
https://localhost:8443/gateway/tokenbased/webhdfs/v1/tmp?op=LISTSTATUS
+
+See documentation in Client Details for KnoxShell init, list and destroy for commands that
leverage this token service for CLI sessions.
\ No newline at end of file



Mime
View raw message