You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@storm.apache.org by bo...@apache.org on 2018/03/30 19:42:40 UTC
storm git commit: Merge branch 'master031901' of
https://github.com/liu-zhaokun/storm into STORM-2997
Repository: storm
Updated Branches:
refs/heads/1.x-branch a03917b03 -> 9aac3e0d3
Merge branch 'master031901' of https://github.com/liu-zhaokun/storm into STORM-2997
STORM-2997: Add logviewer ssl module in SECURITY.md
This closes #2600
Project: http://git-wip-us.apache.org/repos/asf/storm/repo
Commit: http://git-wip-us.apache.org/repos/asf/storm/commit/9aac3e0d
Tree: http://git-wip-us.apache.org/repos/asf/storm/tree/9aac3e0d
Diff: http://git-wip-us.apache.org/repos/asf/storm/diff/9aac3e0d
Branch: refs/heads/1.x-branch
Commit: 9aac3e0d3cc6b44e450e81a74e6483433deb8aef
Parents: a03917b
Author: Robert Evans <ev...@yahoo-inc.com>
Authored: Fri Mar 30 14:40:42 2018 -0500
Committer: Robert Evans <ev...@yahoo-inc.com>
Committed: Fri Mar 30 14:41:59 2018 -0500
----------------------------------------------------------------------
docs/SECURITY.md | 24 ++++++++++++++++++++++--
1 file changed, 22 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/storm/blob/9aac3e0d/docs/SECURITY.md
----------------------------------------------------------------------
diff --git a/docs/SECURITY.md b/docs/SECURITY.md
index 9dbec67..f0575d3 100644
--- a/docs/SECURITY.md
+++ b/docs/SECURITY.md
@@ -92,9 +92,9 @@ curl -i --negotiate -u:anyUser -b ~/cookiejar.txt -c ~/cookiejar.txt http://s
**Caution**: In AD MIT Keberos setup the key size is bigger than the default UI jetty server request header size. Make sure you set ui.header.buffer.bytes to 65536 in storm.yaml. More details are on [STORM-633](https://issues.apache.org/jira/browse/STORM-633)
-## UI / DRPC SSL
+## UI / DRPC / LOGVIEWER SSL
-Both UI and DRPC allows users to configure ssl .
+UI,DRPC and LOGVIEWER allows users to configure ssl .
### UI
@@ -139,6 +139,26 @@ If users want to setup 2-way auth
+### LOGVIEWER
+similarly to UI and DRPC , users need to configure following for LOGVIEWER
+
+1. logviewer.https.port
+2. logviewer.https.keystore.type (example "jks")
+3. logviewer.https.keystore.path (example "/etc/ssl/storm_keystore.jks")
+4. logviewer.https.keystore.password (keystore password)
+5. logviewer.https.key.password (private key password)
+
+optional config
+6. logviewer.https.truststore.path (example "/etc/ssl/storm_truststore.jks")
+7. logviewer.https.truststore.password (truststore password)
+8. logviewer.https.truststore.type (example "jks")
+
+If users want to setup 2-way auth
+9. logviewer.https.want.client.auth (If this set to true server requests for client certifcate authentication, but keeps the connection if no authentication provided)
+10. logviewer.https.need.client.auth (If this set to true server requires client to provide authentication)
+
+
+
## Authentication (Kerberos)