You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@storm.apache.org by bo...@apache.org on 2018/03/30 19:42:40 UTC

storm git commit: Merge branch 'master031901' of https://github.com/liu-zhaokun/storm into STORM-2997

Repository: storm
Updated Branches:
  refs/heads/1.x-branch a03917b03 -> 9aac3e0d3


Merge branch 'master031901' of https://github.com/liu-zhaokun/storm into STORM-2997

STORM-2997: Add logviewer ssl module in SECURITY.md

This closes #2600


Project: http://git-wip-us.apache.org/repos/asf/storm/repo
Commit: http://git-wip-us.apache.org/repos/asf/storm/commit/9aac3e0d
Tree: http://git-wip-us.apache.org/repos/asf/storm/tree/9aac3e0d
Diff: http://git-wip-us.apache.org/repos/asf/storm/diff/9aac3e0d

Branch: refs/heads/1.x-branch
Commit: 9aac3e0d3cc6b44e450e81a74e6483433deb8aef
Parents: a03917b
Author: Robert Evans <ev...@yahoo-inc.com>
Authored: Fri Mar 30 14:40:42 2018 -0500
Committer: Robert Evans <ev...@yahoo-inc.com>
Committed: Fri Mar 30 14:41:59 2018 -0500

----------------------------------------------------------------------
 docs/SECURITY.md | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/storm/blob/9aac3e0d/docs/SECURITY.md
----------------------------------------------------------------------
diff --git a/docs/SECURITY.md b/docs/SECURITY.md
index 9dbec67..f0575d3 100644
--- a/docs/SECURITY.md
+++ b/docs/SECURITY.md
@@ -92,9 +92,9 @@ curl  -i --negotiate -u:anyUser  -b ~/cookiejar.txt -c ~/cookiejar.txt  http://s
 **Caution**: In AD MIT Keberos setup the key size is bigger than the default UI jetty server request header size. Make sure you set ui.header.buffer.bytes to 65536 in storm.yaml. More details are on [STORM-633](https://issues.apache.org/jira/browse/STORM-633)
 
 
-## UI / DRPC SSL 
+## UI / DRPC / LOGVIEWER SSL 
 
-Both UI and DRPC allows users to configure ssl .
+UI,DRPC and LOGVIEWER allows users to configure ssl .
 
 ### UI
 
@@ -139,6 +139,26 @@ If users want to setup 2-way auth
 
 
 
+### LOGVIEWER
+similarly to UI and DRPC , users need to configure following for LOGVIEWER
+
+1. logviewer.https.port 
+2. logviewer.https.keystore.type (example "jks")
+3. logviewer.https.keystore.path (example "/etc/ssl/storm_keystore.jks")
+4. logviewer.https.keystore.password (keystore password)
+5. logviewer.https.key.password (private key password)
+
+optional config 
+6. logviewer.https.truststore.path (example "/etc/ssl/storm_truststore.jks")
+7. logviewer.https.truststore.password (truststore password)
+8. logviewer.https.truststore.type (example "jks")
+
+If users want to setup 2-way auth
+9. logviewer.https.want.client.auth (If this set to true server requests for client certifcate authentication, but keeps the connection if no authentication provided)
+10. logviewer.https.need.client.auth (If this set to true server requires client to provide authentication)
+
+
+
 
 ## Authentication (Kerberos)