Author: lmccay
Date: Fri Oct 25 01:46:33 2019
New Revision: 1868894
URL: http://svn.apache.org/viewvc?rev=1868894&view=rev
Log:
Updated for KNOX-2066 - CompositeAuthz Provider
Modified:
knox/site/books/knox-0-12-0/deployment-overview.png
knox/site/books/knox-0-12-0/deployment-provider.png
knox/site/books/knox-0-12-0/deployment-service.png
knox/site/books/knox-0-12-0/general_saml_flow.png
knox/site/books/knox-0-12-0/runtime-overview.png
knox/site/books/knox-0-12-0/runtime-request-processing.png
knox/site/books/knox-0-13-0/deployment-overview.png
knox/site/books/knox-0-13-0/deployment-provider.png
knox/site/books/knox-0-13-0/deployment-service.png
knox/site/books/knox-0-13-0/general_saml_flow.png
knox/site/books/knox-0-13-0/runtime-overview.png
knox/site/books/knox-0-13-0/runtime-request-processing.png
knox/site/books/knox-0-14-0/deployment-overview.png
knox/site/books/knox-0-14-0/deployment-provider.png
knox/site/books/knox-0-14-0/deployment-service.png
knox/site/books/knox-0-14-0/general_saml_flow.png
knox/site/books/knox-0-14-0/runtime-overview.png
knox/site/books/knox-0-14-0/runtime-request-processing.png
knox/site/books/knox-1-0-0/deployment-overview.png
knox/site/books/knox-1-0-0/deployment-provider.png
knox/site/books/knox-1-0-0/deployment-service.png
knox/site/books/knox-1-0-0/general_saml_flow.png
knox/site/books/knox-1-0-0/runtime-overview.png
knox/site/books/knox-1-0-0/runtime-request-processing.png
knox/site/books/knox-1-1-0/deployment-overview.png
knox/site/books/knox-1-1-0/deployment-provider.png
knox/site/books/knox-1-1-0/deployment-service.png
knox/site/books/knox-1-1-0/general_saml_flow.png
knox/site/books/knox-1-1-0/runtime-overview.png
knox/site/books/knox-1-1-0/runtime-request-processing.png
knox/site/books/knox-1-2-0/deployment-overview.png
knox/site/books/knox-1-2-0/deployment-provider.png
knox/site/books/knox-1-2-0/deployment-service.png
knox/site/books/knox-1-2-0/general_saml_flow.png
knox/site/books/knox-1-2-0/runtime-overview.png
knox/site/books/knox-1-2-0/runtime-request-processing.png
knox/site/books/knox-1-3-0/deployment-overview.png
knox/site/books/knox-1-3-0/deployment-provider.png
knox/site/books/knox-1-3-0/deployment-service.png
knox/site/books/knox-1-3-0/general_saml_flow.png
knox/site/books/knox-1-3-0/runtime-overview.png
knox/site/books/knox-1-3-0/runtime-request-processing.png
knox/site/books/knox-1-4-0/deployment-overview.png
knox/site/books/knox-1-4-0/deployment-provider.png
knox/site/books/knox-1-4-0/deployment-service.png
knox/site/books/knox-1-4-0/general_saml_flow.png
knox/site/books/knox-1-4-0/runtime-overview.png
knox/site/books/knox-1-4-0/runtime-request-processing.png
knox/site/books/knox-1-4-0/user-guide.html
knox/site/index.html
knox/site/issue-management.html
knox/site/licenses.html
knox/site/mailing-lists.html
knox/site/project-info.html
knox/site/team.html
knox/trunk/books/1.4.0/config_authz.md
Modified: knox/site/books/knox-0-12-0/deployment-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-12-0/deployment-provider.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-provider.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-12-0/deployment-service.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-service.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-12-0/general_saml_flow.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/general_saml_flow.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-12-0/runtime-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/runtime-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-12-0/runtime-request-processing.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/runtime-request-processing.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-13-0/deployment-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/deployment-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-13-0/deployment-provider.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/deployment-provider.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-13-0/deployment-service.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/deployment-service.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-13-0/general_saml_flow.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/general_saml_flow.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-13-0/runtime-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/runtime-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-13-0/runtime-request-processing.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/runtime-request-processing.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-14-0/deployment-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-14-0/deployment-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-14-0/deployment-provider.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-14-0/deployment-provider.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-14-0/deployment-service.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-14-0/deployment-service.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-14-0/general_saml_flow.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-14-0/general_saml_flow.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-14-0/runtime-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-14-0/runtime-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-0-14-0/runtime-request-processing.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-0-14-0/runtime-request-processing.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-0-0/deployment-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/deployment-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-0-0/deployment-provider.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/deployment-provider.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-0-0/deployment-service.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/deployment-service.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-0-0/general_saml_flow.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/general_saml_flow.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-0-0/runtime-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/runtime-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-0-0/runtime-request-processing.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/runtime-request-processing.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-1-0/deployment-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/deployment-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-1-0/deployment-provider.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/deployment-provider.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-1-0/deployment-service.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/deployment-service.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-1-0/general_saml_flow.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/general_saml_flow.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-1-0/runtime-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/runtime-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-1-0/runtime-request-processing.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/runtime-request-processing.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-2-0/deployment-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-2-0/deployment-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-2-0/deployment-provider.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-2-0/deployment-provider.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-2-0/deployment-service.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-2-0/deployment-service.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-2-0/general_saml_flow.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-2-0/general_saml_flow.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-2-0/runtime-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-2-0/runtime-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-2-0/runtime-request-processing.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-2-0/runtime-request-processing.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-3-0/deployment-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-3-0/deployment-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-3-0/deployment-provider.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-3-0/deployment-provider.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-3-0/deployment-service.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-3-0/deployment-service.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-3-0/general_saml_flow.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-3-0/general_saml_flow.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-3-0/runtime-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-3-0/runtime-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-3-0/runtime-request-processing.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-3-0/runtime-request-processing.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-4-0/deployment-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/deployment-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-4-0/deployment-provider.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/deployment-provider.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-4-0/deployment-service.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/deployment-service.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-4-0/general_saml_flow.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/general_saml_flow.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-4-0/runtime-overview.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/runtime-overview.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-4-0/runtime-request-processing.png
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/runtime-request-processing.png?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
Binary files - no diff available.
Modified: knox/site/books/knox-1-4-0/user-guide.html
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/user-guide.html?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
--- knox/site/books/knox-1-4-0/user-guide.html (original)
+++ knox/site/books/knox-1-4-0/user-guide.html Fri Oct 25 01:46:33 2019
@@ -4130,6 +4130,31 @@ url -k --header "SM_USER: nobody@ca
</service>
</topology>
</code></pre>
+<h3><a id="Composite+Authorization+Provider">Composite Authorization
Provider</a> <a href="#Composite+Authorization+Provider"><img
src="markbook-section-link.png"/></a></h3>
+<p>By providing a composite authz provider, we are able to configure multiple
authz providers in a single topology. This allows the use of both the AclsAuthz
provider and something like the Ranger Knox plugin where available.</p>
+<p>All authorization providers used within the CompositeAuthz provider will
need to grant access for the request processing to continue to the protected
resource. This is a logical AND across all the providers.</p>
+<p>The following is an example of what configuration of the CompositeAuthz
provider is like.</p>
+<pre><code> <provider>
+ <role>authorization</role>
+ <name>CompositeAuthz</name>
+ <enabled>true</enabled>
+ <param>
+ <name>composite.provider.names</name>
+ <value>AclsAuthz,SomeOther</value>
+ </param>
+ <param>
+ <name>AclsAuthz.webhdfs.acl</name>
+ <value>admin;*;*</value>
+ </param>
+ <param>
+ <name>SomeOther.provider.specific.param</name>
+ <value>provider.specific-value</value>
+ </param>
+ </provider>
+</code></pre>
+<p>Note the comma separated list of provider names in composite.provider.names
param.</p>
+<p>Also Note the use of those names as prefixes to the params to be set on the
respective providers.</p>
+<p>The prefixes are removed and the expected param names are set on the actual
providers as appropriate.</p>
<h3><a id="Secure+Clusters">Secure Clusters</a> <a
href="#Secure+Clusters"><img src="markbook-section-link.png"/></a></h3>
<p>See the Hadoop documentation for setting up a secure Hadoop cluster <a
href="http://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-common/SecureMode.html";>http://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-common/SecureMode.html</a></p>
<p>Once you have a Hadoop cluster that is using Kerberos for authentication,
you have to do the following to configure Knox to work with that cluster.</p>
Modified: knox/site/index.html
URL:
http://svn.apache.org/viewvc/knox/site/index.html?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
--- knox/site/index.html (original)
+++ knox/site/index.html Fri Oct 25 01:46:33 2019
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
src/site/markdown/index.md at 2019-08-28
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
src/site/markdown/index.md at 2019-10-24
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20190828" />
+ <meta name="Date-Revision-yyyymmdd" content="20191024" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Announcing Apache Knox 1.3.0!</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2019-08-28</li>
+ <li id="publishDate">Last Published: 2019-10-24</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/site/issue-management.html
URL:
http://svn.apache.org/viewvc/knox/site/issue-management.html?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
--- knox/site/issue-management.html (original)
+++ knox/site/issue-management.html Fri Oct 25 01:46:33 2019
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:issue-management
at 2019-08-28
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:issue-management
at 2019-10-24
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20190828" />
+ <meta name="Date-Revision-yyyymmdd" content="20191024" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Issue Management</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2019-08-28</li>
+ <li id="publishDate">Last Published: 2019-10-24</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/site/licenses.html
URL:
http://svn.apache.org/viewvc/knox/site/licenses.html?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
--- knox/site/licenses.html (original)
+++ knox/site/licenses.html Fri Oct 25 01:46:33 2019
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:licenses at
2019-08-28
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:licenses at
2019-10-24
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20190828" />
+ <meta name="Date-Revision-yyyymmdd" content="20191024" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Project Licenses</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2019-08-28</li>
+ <li id="publishDate">Last Published: 2019-10-24</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/site/mailing-lists.html
URL:
http://svn.apache.org/viewvc/knox/site/mailing-lists.html?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
--- knox/site/mailing-lists.html (original)
+++ knox/site/mailing-lists.html Fri Oct 25 01:46:33 2019
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:mailing-lists
at 2019-08-28
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:mailing-lists
at 2019-10-24
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20190828" />
+ <meta name="Date-Revision-yyyymmdd" content="20191024" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Project Mailing Lists</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2019-08-28</li>
+ <li id="publishDate">Last Published: 2019-10-24</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/site/project-info.html
URL:
http://svn.apache.org/viewvc/knox/site/project-info.html?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
--- knox/site/project-info.html (original)
+++ knox/site/project-info.html Fri Oct 25 01:46:33 2019
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-site-plugin:3.7.1:CategorySummaryDocumentRenderer
at 2019-08-28
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-site-plugin:3.7.1:CategorySummaryDocumentRenderer
at 2019-10-24
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20190828" />
+ <meta name="Date-Revision-yyyymmdd" content="20191024" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Project Information</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2019-08-28</li>
+ <li id="publishDate">Last Published: 2019-10-24</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/site/team.html
URL:
http://svn.apache.org/viewvc/knox/site/team.html?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
--- knox/site/team.html (original)
+++ knox/site/team.html Fri Oct 25 01:46:33 2019
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:team at
2019-08-28
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:team at
2019-10-24
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20190828" />
+ <meta name="Date-Revision-yyyymmdd" content="20191024" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Project Team</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2019-08-28</li>
+ <li id="publishDate">Last Published: 2019-10-24</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/trunk/books/1.4.0/config_authz.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/1.4.0/config_authz.md?rev=1868894&r1=1868893&r2=1868894&view=diff
==============================================================================
--- knox/trunk/books/1.4.0/config_authz.md (original)
+++ knox/trunk/books/1.4.0/config_authz.md Fri Oct 25 01:46:33 2019
@@ -319,3 +319,40 @@ An example of a full topology that illus
<url>http://localhost:10001/cliservice</url>
</service>
</topology>
+
+### Composite Authorization Provider ###
+
+
+
+By providing a composite authz provider, we are able to configure multiple
authz providers in a single topology.
+This allows the use of both the AclsAuthz provider and something like the
Ranger Knox plugin where available.
+
+All authorization providers used within the CompositeAuthz provider will need
to grant access for the request
+processing to continue to the protected resource. This is a logical AND across
all the providers.
+
+The following is an example of what configuration of the CompositeAuthz
provider is like.
+
+ <provider>
+ <role>authorization</role>
+ <name>CompositeAuthz</name>
+ <enabled>true</enabled>
+ <param>
+ <name>composite.provider.names</name>
+ <value>AclsAuthz,SomeOther</value>
+ </param>
+ <param>
+ <name>AclsAuthz.webhdfs.acl</name>
+ <value>admin;*;*</value>
+ </param>
+ <param>
+ <name>SomeOther.provider.specific.param</name>
+ <value>provider.specific-value</value>
+ </param>
+ </provider>
+
+Note the comma separated list of provider names in composite.provider.names
param.
+
+Also Note the use of those names as prefixes to the params to be set on the
respective providers.
+
+The prefixes are removed and the expected param names are set on the actual
providers as appropriate.
+
