You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by lm...@apache.org on 2019/10/25 01:46:34 UTC
svn commit: r1868894 - in /knox: site/ site/books/knox-0-12-0/
site/books/knox-0-13-0/ site/books/knox-0-14-0/ site/books/knox-1-0-0/
site/books/knox-1-1-0/ site/books/knox-1-2-0/ site/books/knox-1-3-0/
site/books/knox-1-4-0/ trunk/books/1.4.0/
Author: lmccay
Date: Fri Oct 25 01:46:33 2019
New Revision: 1868894
URL: http://svn.apache.org/viewvc?rev=1868894&view=rev
Log:
Updated for KNOX-2066 - CompositeAuthz Provider
Modified:
knox/site/books/knox-0-12-0/deployment-overview.png
knox/site/books/knox-0-12-0/deployment-provider.png
knox/site/books/knox-0-12-0/deployment-service.png
knox/site/books/knox-0-12-0/general_saml_flow.png
knox/site/books/knox-0-12-0/runtime-overview.png
knox/site/books/knox-0-12-0/runtime-request-processing.png
knox/site/books/knox-0-13-0/deployment-overview.png
knox/site/books/knox-0-13-0/deployment-provider.png
knox/site/books/knox-0-13-0/deployment-service.png
knox/site/books/knox-0-13-0/general_saml_flow.png
knox/site/books/knox-0-13-0/runtime-overview.png
knox/site/books/knox-0-13-0/runtime-request-processing.png
knox/site/books/knox-0-14-0/deployment-overview.png
knox/site/books/knox-0-14-0/deployment-provider.png
knox/site/books/knox-0-14-0/deployment-service.png
knox/site/books/knox-0-14-0/general_saml_flow.png
knox/site/books/knox-0-14-0/runtime-overview.png
knox/site/books/knox-0-14-0/runtime-request-processing.png
knox/site/books/knox-1-0-0/deployment-overview.png
knox/site/books/knox-1-0-0/deployment-provider.png
knox/site/books/knox-1-0-0/deployment-service.png
knox/site/books/knox-1-0-0/general_saml_flow.png
knox/site/books/knox-1-0-0/runtime-overview.png
knox/site/books/knox-1-0-0/runtime-request-processing.png
knox/site/books/knox-1-1-0/deployment-overview.png
knox/site/books/knox-1-1-0/deployment-provider.png
knox/site/books/knox-1-1-0/deployment-service.png
knox/site/books/knox-1-1-0/general_saml_flow.png
knox/site/books/knox-1-1-0/runtime-overview.png
knox/site/books/knox-1-1-0/runtime-request-processing.png
knox/site/books/knox-1-2-0/deployment-overview.png
knox/site/books/knox-1-2-0/deployment-provider.png
knox/site/books/knox-1-2-0/deployment-service.png
knox/site/books/knox-1-2-0/general_saml_flow.png
knox/site/books/knox-1-2-0/runtime-overview.png
knox/site/books/knox-1-2-0/runtime-request-processing.png
knox/site/books/knox-1-3-0/deployment-overview.png
knox/site/books/knox-1-3-0/deployment-provider.png
knox/site/books/knox-1-3-0/deployment-service.png
knox/site/books/knox-1-3-0/general_saml_flow.png
knox/site/books/knox-1-3-0/runtime-overview.png
knox/site/books/knox-1-3-0/runtime-request-processing.png
knox/site/books/knox-1-4-0/deployment-overview.png
knox/site/books/knox-1-4-0/deployment-provider.png
knox/site/books/knox-1-4-0/deployment-service.png
knox/site/books/knox-1-4-0/general_saml_flow.png
knox/site/books/knox-1-4-0/runtime-overview.png
knox/site/books/knox-1-4-0/runtime-request-processing.png
knox/site/books/knox-1-4-0/user-guide.html
knox/site/index.html
knox/site/issue-management.html
knox/site/licenses.html
knox/site/mailing-lists.html
knox/site/project-info.html
knox/site/team.html
knox/trunk/books/1.4.0/config_authz.md
Modified: knox/site/books/knox-0-12-0/deployment-overview.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-12-0/deployment-provider.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-provider.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-12-0/deployment-service.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-service.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-12-0/general_saml_flow.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/general_saml_flow.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-12-0/runtime-overview.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/runtime-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-12-0/runtime-request-processing.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/runtime-request-processing.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-13-0/deployment-overview.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/deployment-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-13-0/deployment-provider.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/deployment-provider.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-13-0/deployment-service.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/deployment-service.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-13-0/general_saml_flow.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/general_saml_flow.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-13-0/runtime-overview.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/runtime-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-13-0/runtime-request-processing.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/runtime-request-processing.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-14-0/deployment-overview.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-14-0/deployment-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-14-0/deployment-provider.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-14-0/deployment-provider.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-14-0/deployment-service.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-14-0/deployment-service.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-14-0/general_saml_flow.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-14-0/general_saml_flow.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-14-0/runtime-overview.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-14-0/runtime-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-14-0/runtime-request-processing.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-14-0/runtime-request-processing.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-0-0/deployment-overview.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/deployment-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-0-0/deployment-provider.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/deployment-provider.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-0-0/deployment-service.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/deployment-service.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-0-0/general_saml_flow.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/general_saml_flow.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-0-0/runtime-overview.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/runtime-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-0-0/runtime-request-processing.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/runtime-request-processing.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-1-0/deployment-overview.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/deployment-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-1-0/deployment-provider.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/deployment-provider.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-1-0/deployment-service.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/deployment-service.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-1-0/general_saml_flow.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/general_saml_flow.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-1-0/runtime-overview.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/runtime-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-1-0/runtime-request-processing.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/runtime-request-processing.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-2-0/deployment-overview.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-2-0/deployment-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-2-0/deployment-provider.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-2-0/deployment-provider.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-2-0/deployment-service.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-2-0/deployment-service.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-2-0/general_saml_flow.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-2-0/general_saml_flow.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-2-0/runtime-overview.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-2-0/runtime-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-2-0/runtime-request-processing.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-2-0/runtime-request-processing.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-3-0/deployment-overview.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-3-0/deployment-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-3-0/deployment-provider.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-3-0/deployment-provider.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-3-0/deployment-service.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-3-0/deployment-service.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-3-0/general_saml_flow.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-3-0/general_saml_flow.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-3-0/runtime-overview.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-3-0/runtime-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-3-0/runtime-request-processing.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-3-0/runtime-request-processing.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-4-0/deployment-overview.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/deployment-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-4-0/deployment-provider.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/deployment-provider.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-4-0/deployment-service.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/deployment-service.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-4-0/general_saml_flow.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/general_saml_flow.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-4-0/runtime-overview.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/runtime-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-4-0/runtime-request-processing.png
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/runtime-request-processing.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-4-0/user-guide.html
URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/user-guide.html?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
--- knox/site/books/knox-1-4-0/user-guide.html (original)
+++ knox/site/books/knox-1-4-0/user-guide.html Fri Oct 25 01:46:33 2019
@@ -4130,6 +4130,31 @@ url -k --header "SM_USER: nobody@ca
</service>
</topology>
</code></pre>
+<h3><a id="Composite+Authorization+Provider">Composite Authorization Provider</a> <a href="#Composite+Authorization+Provider"><img src="markbook-section-link.png"/></a></h3>
+<p>By providing a composite authz provider, we are able to configure multiple authz providers in a single topology. This allows the use of both the AclsAuthz provider and something like the Ranger Knox plugin where available.</p>
+<p>All authorization providers used within the CompositeAuthz provider will need to grant access for the request processing to continue to the protected resource. This is a logical AND across all the providers.</p>
+<p>The following is an example of what configuration of the CompositeAuthz provider is like.</p>
+<pre><code> <provider>
+ <role>authorization</role>
+ <name>CompositeAuthz</name>
+ <enabled>true</enabled>
+ <param>
+ <name>composite.provider.names</name>
+ <value>AclsAuthz,SomeOther</value>
+ </param>
+ <param>
+ <name>AclsAuthz.webhdfs.acl</name>
+ <value>admin;*;*</value>
+ </param>
+ <param>
+ <name>SomeOther.provider.specific.param</name>
+ <value>provider.specific-value</value>
+ </param>
+ </provider>
+</code></pre>
+<p>Note the comma separated list of provider names in composite.provider.names param.</p>
+<p>Also Note the use of those names as prefixes to the params to be set on the respective providers.</p>
+<p>The prefixes are removed and the expected param names are set on the actual providers as appropriate.</p>
<h3><a id="Secure+Clusters">Secure Clusters</a> <a href="#Secure+Clusters"><img src="markbook-section-link.png"/></a></h3>
<p>See the Hadoop documentation for setting up a secure Hadoop cluster <a href="http://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-common/SecureMode.html">http://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-common/SecureMode.html</a></p>
<p>Once you have a Hadoop cluster that is using Kerberos for authentication, you have to do the following to configure Knox to work with that cluster.</p>
Modified: knox/site/index.html
URL: http://svn.apache.org/viewvc/knox/site/index.html?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
--- knox/site/index.html (original)
+++ knox/site/index.html Fri Oct 25 01:46:33 2019
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from src/site/markdown/index.md at 2019-08-28
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from src/site/markdown/index.md at 2019-10-24
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20190828" />
+ <meta name="Date-Revision-yyyymmdd" content="20191024" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Announcing Apache Knox 1.3.0!</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2019-08-28</li>
+ <li id="publishDate">Last Published: 2019-10-24</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/site/issue-management.html
URL: http://svn.apache.org/viewvc/knox/site/issue-management.html?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
--- knox/site/issue-management.html (original)
+++ knox/site/issue-management.html Fri Oct 25 01:46:33 2019
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:issue-management at 2019-08-28
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:issue-management at 2019-10-24
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20190828" />
+ <meta name="Date-Revision-yyyymmdd" content="20191024" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Issue Management</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2019-08-28</li>
+ <li id="publishDate">Last Published: 2019-10-24</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/site/licenses.html
URL: http://svn.apache.org/viewvc/knox/site/licenses.html?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
--- knox/site/licenses.html (original)
+++ knox/site/licenses.html Fri Oct 25 01:46:33 2019
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:licenses at 2019-08-28
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:licenses at 2019-10-24
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20190828" />
+ <meta name="Date-Revision-yyyymmdd" content="20191024" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Project Licenses</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2019-08-28</li>
+ <li id="publishDate">Last Published: 2019-10-24</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/site/mailing-lists.html
URL: http://svn.apache.org/viewvc/knox/site/mailing-lists.html?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
--- knox/site/mailing-lists.html (original)
+++ knox/site/mailing-lists.html Fri Oct 25 01:46:33 2019
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:mailing-lists at 2019-08-28
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:mailing-lists at 2019-10-24
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20190828" />
+ <meta name="Date-Revision-yyyymmdd" content="20191024" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Project Mailing Lists</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2019-08-28</li>
+ <li id="publishDate">Last Published: 2019-10-24</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/site/project-info.html
URL: http://svn.apache.org/viewvc/knox/site/project-info.html?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
--- knox/site/project-info.html (original)
+++ knox/site/project-info.html Fri Oct 25 01:46:33 2019
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from org.apache.maven.plugins:maven-site-plugin:3.7.1:CategorySummaryDocumentRenderer at 2019-08-28
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from org.apache.maven.plugins:maven-site-plugin:3.7.1:CategorySummaryDocumentRenderer at 2019-10-24
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20190828" />
+ <meta name="Date-Revision-yyyymmdd" content="20191024" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Project Information</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2019-08-28</li>
+ <li id="publishDate">Last Published: 2019-10-24</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/site/team.html
URL: http://svn.apache.org/viewvc/knox/site/team.html?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
--- knox/site/team.html (original)
+++ knox/site/team.html Fri Oct 25 01:46:33 2019
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:team at 2019-08-28
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:team at 2019-10-24
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20190828" />
+ <meta name="Date-Revision-yyyymmdd" content="20191024" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Project Team</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2019-08-28</li>
+ <li id="publishDate">Last Published: 2019-10-24</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/trunk/books/1.4.0/config_authz.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/1.4.0/config_authz.md?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
--- knox/trunk/books/1.4.0/config_authz.md (original)
+++ knox/trunk/books/1.4.0/config_authz.md Fri Oct 25 01:46:33 2019
@@ -319,3 +319,40 @@ An example of a full topology that illus
<url>http://localhost:10001/cliservice</url>
</service>
</topology>
+
+### Composite Authorization Provider ###
+
+
+
+By providing a composite authz provider, we are able to configure multiple authz providers in a single topology.
+This allows the use of both the AclsAuthz provider and something like the Ranger Knox plugin where available.
+
+All authorization providers used within the CompositeAuthz provider will need to grant access for the request
+processing to continue to the protected resource. This is a logical AND across all the providers.
+
+The following is an example of what configuration of the CompositeAuthz provider is like.
+
+ <provider>
+ <role>authorization</role>
+ <name>CompositeAuthz</name>
+ <enabled>true</enabled>
+ <param>
+ <name>composite.provider.names</name>
+ <value>AclsAuthz,SomeOther</value>
+ </param>
+ <param>
+ <name>AclsAuthz.webhdfs.acl</name>
+ <value>admin;*;*</value>
+ </param>
+ <param>
+ <name>SomeOther.provider.specific.param</name>
+ <value>provider.specific-value</value>
+ </param>
+ </provider>
+
+Note the comma separated list of provider names in composite.provider.names param.
+
+Also Note the use of those names as prefixes to the params to be set on the respective providers.
+
+The prefixes are removed and the expected param names are set on the actual providers as appropriate.
+