You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Larry McCay (JIRA)" <ji...@apache.org> on 2013/12/10 03:12:07 UTC
[jira] [Commented] (KNOX-105) Command line tooling for CMF
provisioning
[ https://issues.apache.org/jira/browse/KNOX-105?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13843839#comment-13843839 ]
Larry McCay commented on KNOX-105:
----------------------------------
One option for this tooling is to:
* start from a copy of GatewayServer - call it GatewayTooling or GatewayCLI something like that
* will need to create only those gateway services needed for the tooling, master, keystore, alias
* it would require it to be run from a Knox install with expected config and layout
User interaction to add an alias:
* run gatewayCLI providing appropriate values for:
--add-alias alias
--clusterName name
* gatewayCLI prompts for master password (through the masterService) using the java console interface
- user provides master password - this will need to be the same for the entire Knox cluster
* gatewayCLI implementation processes CLI arguments and:
- creates the credential store as needed
- prompts the user for a password using the java console
- adds the alias through the AliasService and writes the {clustername}-credentials.jceks store to conf/security/keystores
> Command line tooling for CMF provisioning
> -----------------------------------------
>
> Key: KNOX-105
> URL: https://issues.apache.org/jira/browse/KNOX-105
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 0.3.0
> Reporter: Larry McCay
> Assignee: Larry McCay
> Fix For: 0.4.0
>
>
> We need to be able to create CMF artifacts that can be provisioned to an installation and discovered on startup. This will include: master secret file, credential and key stores. Initial deliverable needs to address master file. This will allow cluster provisioning to discover a master secret without a need for a console for the user to provide one. The rest of the artifacts can be generated at runtime for dev/test environments. Subsequently, we will need the key and credential stores for production environment discovery.
--
This message was sent by Atlassian JIRA
(v6.1.4#6159)