You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Kevin Minder (JIRA)" <ji...@apache.org> on 2014/10/02 23:11:33 UTC
[jira] [Updated] (KNOX-437) KnoxLdapContextFactory should be
configured by default in all topology files
[ https://issues.apache.org/jira/browse/KNOX-437?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kevin Minder updated KNOX-437:
------------------------------
Description:
In some cases the KnoxLdapRealm will not work unless the KnoxLdapContextFactory is also configured. In particular the use of an ${ALIAS=...} in the >main.ldapRealm.contextFactory.systemPassword param. As this is such a common and important use cases the KnoxLdapContextFactory should be included in all default topology files, all sample topology files and all documented topology files.
The snippet below shows what needs to be added to the topology files.
{code}
<topology>
<gateway>
<provider>
<role>authentication</role>
<name>ShiroProvider</name>
<enabled>true</enabled>
...
<param>
<name>main.ldapRealm</name>
<value>org.apache.hadoop.gateway.shirorealm.KnoxLdapRealm</value>
</param>
<param>
<name>main.ldapContextFactory</name>
<value>org.apache.hadoop.gateway.shirorealm.KnoxLdapContextFactory</value>
</param>
<param>
<name>main.ldapRealm.contextFactory</name>
<value>$ldapContextFactory</value>
</param>
...
</gateway>
...
<topology>
{code}
was:
In some cases the KnoxLdapRealm will not work unless the KnoxLdapContextFactory is also configured. In particular the use of an ${ALIAS=...} in the >main.ldapRealm.contextFactory.systemPassword param. As this is such a common and important use cases the KnoxLdapContextFactory should be included in all default topology files, all sample topology files and all documented topology files.
The snippet below shows what needs to be added to the topology files.
{code}
<topology>
<gateway>
<provider>
<role>authentication</role>
<name>ShiroProvider</name>
<enabled>true</enabled>
....
<param>
<name>main.ldapRealm</name>
<value>org.apache.hadoop.gateway.shirorealm.KnoxLdapRealm</value>
</param>
<param>
<name>main.ldapContextFactory</name>
<value>org.apache.hadoop.gateway.shirorealm.KnoxLdapContextFactory</value>
</param>
<param>
<name>main.ldapRealm.contextFactory</name>
<value>$ldapContextFactory</value>
</param>
....
</gateway>
....
<topology>
{code}
> KnoxLdapContextFactory should be configured by default in all topology files
> ----------------------------------------------------------------------------
>
> Key: KNOX-437
> URL: https://issues.apache.org/jira/browse/KNOX-437
> Project: Apache Knox
> Issue Type: Bug
> Components: Server, Site
> Affects Versions: 0.4.0
> Reporter: Kevin Minder
> Priority: Blocker
> Fix For: 0.5.0
>
>
> In some cases the KnoxLdapRealm will not work unless the KnoxLdapContextFactory is also configured. In particular the use of an ${ALIAS=...} in the >main.ldapRealm.contextFactory.systemPassword param. As this is such a common and important use cases the KnoxLdapContextFactory should be included in all default topology files, all sample topology files and all documented topology files.
> The snippet below shows what needs to be added to the topology files.
> {code}
> <topology>
> <gateway>
> <provider>
> <role>authentication</role>
> <name>ShiroProvider</name>
> <enabled>true</enabled>
> ...
> <param>
> <name>main.ldapRealm</name>
> <value>org.apache.hadoop.gateway.shirorealm.KnoxLdapRealm</value>
> </param>
> <param>
> <name>main.ldapContextFactory</name>
> <value>org.apache.hadoop.gateway.shirorealm.KnoxLdapContextFactory</value>
> </param>
> <param>
> <name>main.ldapRealm.contextFactory</name>
> <value>$ldapContextFactory</value>
> </param>
> ...
> </gateway>
> ...
> <topology>
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)