This is an automated email from the ASF dual-hosted git repository.
penghui pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pulsar.git
The following commit(s) were added to refs/heads/master by this push:
new 1fdb03b [Doc] Add doc for tokenSettingPrefix (#12662)
1fdb03b is described below
commit 1fdb03bd1590ccbf9a259a80d78f5d9367a30c8b
Author: Zike Yang <[email protected]>
AuthorDate: Mon Nov 8 19:17:19 2021 +0800
[Doc] Add doc for tokenSettingPrefix (#12662)
---
site2/docs/reference-configuration.md | 3 +++
site2/website/versioned_docs/version-2.8.2/reference-configuration.md | 3 +++
2 files changed, 6 insertions(+)
diff --git a/site2/docs/reference-configuration.md
b/site2/docs/reference-configuration.md
index 5940043..481a732 100644
--- a/site2/docs/reference-configuration.md
+++ b/site2/docs/reference-configuration.md
@@ -218,6 +218,7 @@ brokerServiceCompactionThresholdInBytes|If the estimated
backlog size is greater
|brokerClientTlsCiphers| Specify the tls cipher the internal client will use
to negotiate during TLS Handshake. (a comma-separated list of ciphers) e.g.
[TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]||
|brokerClientTlsProtocols|Specify the tls protocols the broker will use to
negotiate during TLS handshake. (a comma-separated list of protocol names).
e.g. `TLSv1.3`, `TLSv1.2` ||
|ttlDurationDefaultInSeconds|The default Time to Live (TTL) for namespaces if
the TTL is not configured at namespace policies. When the value is set to `0`,
TTL is disabled. By default, TTL is disabled. |0|
+|tokenSettingPrefix| Configure the prefix of the token-related settings, such
as `tokenSecretKey`, `tokenPublicKey`, `tokenAuthClaim`, `tokenPublicAlg`,
`tokenAudienceClaim`, and `tokenAudience`. ||
|tokenSecretKey| Configure the secret key to be used to validate auth tokens.
The key can be specified like: `tokenSecretKey=data:;base64,xxxxxxxxx` or
`tokenSecretKey=file:///my/secret.key`. Note: key file must be DER-encoded.||
|tokenPublicKey| Configure the public key to be used to validate auth tokens.
The key can be specified like: `tokenPublicKey=data:;base64,xxxxxxxxx` or
`tokenPublicKey=file:///my/secret.key`. Note: key file must be DER-encoded.||
|tokenPublicAlg| Configure the algorithm to be used to validate auth tokens.
This can be any of the asymettric algorithms supported by Java JWT
(https://github.com/jwtk/jjwt#signature-algorithms-keys) |RS256|
@@ -541,6 +542,7 @@ You can set the log level and configuration in the
[log4j2.yaml](https://github
|brokerClientAuthenticationParameters| The parameters that go along with the
plugin specified using brokerClientAuthenticationPlugin. | |
|athenzDomainNames| Supported Athenz authentication provider domain names as a
comma-separated list. | |
| anonymousUserRole | When this parameter is not empty, unauthenticated users
perform as anonymousUserRole. | |
+|tokenSettingPrefix| Configure the prefix of the token related setting like
`tokenSecretKey`, `tokenPublicKey`, `tokenAuthClaim`, `tokenPublicAlg`,
`tokenAudienceClaim`, and `tokenAudience`. ||
|tokenSecretKey| Configure the secret key to be used to validate auth tokens.
The key can be specified like: `tokenSecretKey=data:;base64,xxxxxxxxx` or
`tokenSecretKey=file:///my/secret.key`. Note: key file must be DER-encoded.||
|tokenPublicKey| Configure the public key to be used to validate auth tokens.
The key can be specified like: `tokenPublicKey=data:;base64,xxxxxxxxx` or
`tokenPublicKey=file:///my/secret.key`. Note: key file must be DER-encoded.||
|tokenAuthClaim| Specify the token claim that will be used as the
authentication "principal" or "role". The "subject" field will be used if this
is left blank ||
@@ -728,6 +730,7 @@ The [Pulsar
proxy](concepts-architecture-overview.md#pulsar-proxy) can be config
| httpReverseProxyConfigs | HTTP directs to redirect to non-pulsar services | |
| httpOutputBufferSize | HTTP output buffer size. The amount of data that will
be buffered for HTTP requests before it is flushed to the channel. A larger
buffer size may result in higher HTTP throughput though it may take longer for
the client to see data. If using HTTP streaming via the reverse proxy, this
should be set to the minimum value (1) so that clients see the data as soon as
possible. | 32768 |
| httpNumThreads | Number of threads to use for HTTP requests processing| 2 *
Runtime.getRuntime().availableProcessors() |
+|tokenSettingPrefix| Configure the prefix of the token related setting like
`tokenSecretKey`, `tokenPublicKey`, `tokenAuthClaim`, `tokenPublicAlg`,
`tokenAudienceClaim`, and `tokenAudience`. ||
|tokenSecretKey| Configure the secret key to be used to validate auth tokens.
The key can be specified like: `tokenSecretKey=data:;base64,xxxxxxxxx` or
`tokenSecretKey=file:///my/secret.key`. Note: key file must be DER-encoded.||
|tokenPublicKey| Configure the public key to be used to validate auth tokens.
The key can be specified like: `tokenPublicKey=data:;base64,xxxxxxxxx` or
`tokenPublicKey=file:///my/secret.key`. Note: key file must be DER-encoded.||
|tokenAuthClaim| Specify the token claim that will be used as the
authentication "principal" or "role". The "subject" field will be used if this
is left blank ||
diff --git
a/site2/website/versioned_docs/version-2.8.2/reference-configuration.md
b/site2/website/versioned_docs/version-2.8.2/reference-configuration.md
index 53b6dd7..aa31668 100644
--- a/site2/website/versioned_docs/version-2.8.2/reference-configuration.md
+++ b/site2/website/versioned_docs/version-2.8.2/reference-configuration.md
@@ -219,6 +219,7 @@ brokerServiceCompactionThresholdInBytes|If the estimated
backlog size is greater
|brokerClientTlsCiphers| Specify the tls cipher the internal client will use
to negotiate during TLS Handshake. (a comma-separated list of ciphers) e.g.
[TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]||
|brokerClientTlsProtocols|Specify the tls protocols the broker will use to
negotiate during TLS handshake. (a comma-separated list of protocol names).
e.g. `TLSv1.3`, `TLSv1.2` ||
|ttlDurationDefaultInSeconds|The default Time to Live (TTL) for namespaces if
the TTL is not configured at namespace policies. When the value is set to `0`,
TTL is disabled. By default, TTL is disabled. |0|
+|tokenSettingPrefix| Configure the prefix of the token related setting like
`tokenSecretKey`, `tokenPublicKey`, `tokenAuthClaim`, `tokenPublicAlg`,
`tokenAudienceClaim`, and `tokenAudience`. ||
|tokenSecretKey| Configure the secret key to be used to validate auth tokens.
The key can be specified like: `tokenSecretKey=data:;base64,xxxxxxxxx` or
`tokenSecretKey=file:///my/secret.key`. Note: key file must be DER-encoded.||
|tokenPublicKey| Configure the public key to be used to validate auth tokens.
The key can be specified like: `tokenPublicKey=data:;base64,xxxxxxxxx` or
`tokenPublicKey=file:///my/secret.key`. Note: key file must be DER-encoded.||
|tokenPublicAlg| Configure the algorithm to be used to validate auth tokens.
This can be any of the asymettric algorithms supported by Java JWT
(https://github.com/jwtk/jjwt#signature-algorithms-keys) |RS256|
@@ -556,6 +557,7 @@ You can set the log level and configuration in the
[log4j2.yaml](https://github
|brokerClientAuthenticationParameters| The parameters that go along with the
plugin specified using brokerClientAuthenticationPlugin. | |
|athenzDomainNames| Supported Athenz authentication provider domain names as a
comma-separated list. | |
| anonymousUserRole | When this parameter is not empty, unauthenticated users
perform as anonymousUserRole. | |
+|tokenSettingPrefix| Configure the prefix of the token related setting like
`tokenSecretKey`, `tokenPublicKey`, `tokenAuthClaim`, `tokenPublicAlg`,
`tokenAudienceClaim`, and `tokenAudience`. ||
|tokenSecretKey| Configure the secret key to be used to validate auth tokens.
The key can be specified like: `tokenSecretKey=data:;base64,xxxxxxxxx` or
`tokenSecretKey=file:///my/secret.key`. Note: key file must be DER-encoded.||
|tokenPublicKey| Configure the public key to be used to validate auth tokens.
The key can be specified like: `tokenPublicKey=data:;base64,xxxxxxxxx` or
`tokenPublicKey=file:///my/secret.key`. Note: key file must be DER-encoded.||
|tokenAuthClaim| Specify the token claim that will be used as the
authentication "principal" or "role". The "subject" field will be used if this
is left blank ||
@@ -742,6 +744,7 @@ The [Pulsar
proxy](concepts-architecture-overview.md#pulsar-proxy) can be config
| httpReverseProxyConfigs | HTTP directs to redirect to non-pulsar services | |
| httpOutputBufferSize | HTTP output buffer size. The amount of data that will
be buffered for HTTP requests before it is flushed to the channel. A larger
buffer size may result in higher HTTP throughput though it may take longer for
the client to see data. If using HTTP streaming via the reverse proxy, this
should be set to the minimum value (1) so that clients see the data as soon as
possible. | 32768 |
| httpNumThreads | Number of threads to use for HTTP requests processing| 2 *
Runtime.getRuntime().availableProcessors() |
+|tokenSettingPrefix| Configure the prefix of the token related setting like
`tokenSecretKey`, `tokenPublicKey`, `tokenAuthClaim`, `tokenPublicAlg`,
`tokenAudienceClaim`, and `tokenAudience`. ||
|tokenSecretKey| Configure the secret key to be used to validate auth tokens.
The key can be specified like: `tokenSecretKey=data:;base64,xxxxxxxxx` or
`tokenSecretKey=file:///my/secret.key`. Note: key file must be DER-encoded.||
|tokenPublicKey| Configure the public key to be used to validate auth tokens.
The key can be specified like: `tokenPublicKey=data:;base64,xxxxxxxxx` or
`tokenPublicKey=file:///my/secret.key`. Note: key file must be DER-encoded.||
|tokenAuthClaim| Specify the token claim that will be used as the
authentication "principal" or "role". The "subject" field will be used if this
is left blank ||
