Sure - I can file a JIRA and commit a fix. The secret generation should be done in one instance and replicated across others. This replication/management of the credential stores is outside of the scope of Knox itself as of now.
Documentation is done in markdown and is contributing details are available at: https://cwiki.apache.org/confluence/display/KNOX/Contribution+Process#ContributionProcess-DocumentationContributorWorkflow Which should give you a general idea. Find an example like: ./trunk/books/0.7.0/config_preauth_sso_provider.md For an example of typical content and format. Here is how that example renders: http://knox.apache.org/books/knox-0-7-0/user-guide.html#Preauthenticated+SSO+Provider You'll need to tie it into the rest of the book - just grep for where that filename is referenced. To test how it renders build the site with: "ant" and note the url to the 0.7.0 book. On Wed, Dec 2, 2015 at 12:12 PM, Jérôme LELEU <[email protected]> wrote: > Hi, > > Why it doesn't work for pac4j while it works for others is a bit strange to > me, but if you have the patch in front of your eyes, I'd rather prefer you > to commit it. In all cases, I'll sync with the master. > > There was one question you didn't answer previously: is the password > generated for the pac4j provider the same across all gateway instances? > Because I expect to have the same value as I use it to encrypt / decrypt > data. > > I will add the Javadoc. After that, you can review the pull request more > completely. > > What do you expect for the documentation? > > Notice that pac4j dependencies are still snapshots, but they will be > released in a week or two. > > Thanks. > Best regards, > Jérôme > > > 2015-12-02 17:51 GMT+01:00 larry mccay <[email protected]>: > > > Jérôme - > > > > If you would like to add that change as part of your patch or as a > > separately filed JIRA to fix a bug that would certainly be welcomed. > > Otherwise, I can do it. > > > > Let me know. > > > > thanks, > > > > --larry > > > > On Wed, Dec 2, 2015 at 11:44 AM, larry mccay <[email protected]> > > wrote: > > > > > Okay - I had to add an override of getUserPrincipal() to the > > > IdentityAsserterHttpServletRequestWrapper and return the member > variable > > > username and it works like a charm. > > > > > > Why I haven't seen this same behavior with other providers is a bit of > a > > > mystery but they must be adding other wrappers that handle it. > > > This is quite cool, Jérôme! > > > > > > On Wed, Dec 2, 2015 at 10:41 AM, larry mccay <[email protected]> > > > wrote: > > > > > >> That was it - thanks! > > >> > > >> On Wed, Dec 2, 2015 at 10:20 AM, Jérôme LELEU <[email protected]> > wrote: > > >> > > >>> This is my exact command line: mvn -Prelease clean install > -DskipTests > > >>> > > >>> You use an internal Maven repository to fetch dependencies from > > internet: > > >>> http://nexus-private.hortonworks.com/nexus/content/groups/public/ > > >>> > > >>> Does this repository have access to the remote Snapshots Sonatype > repo? > > >>> > > >>> > > >>> > > >>> 2015-12-02 16:16 GMT+01:00 larry mccay <[email protected]>: > > >>> > > >>> > hmmm - I used: > > >>> > > > >>> > mvn clean install -DskipTests=true -Prelease > > >>> > > > >>> > The repository entry is in there already. > > >>> > No worky. > > >>> > > > >>> > On Wed, Dec 2, 2015 at 10:12 AM, Jérôme LELEU <[email protected]> > > >>> wrote: > > >>> > > > >>> > > Hi, > > >>> > > > > >>> > > You need the j2e-pac4j dependencies as well as the pac4j-* > > >>> dependencies, > > >>> > > but you don't need to build them locally (hopefully). > > >>> > > > > >>> > > But you need a dependency on the Sonatype snapshots repository > > >>> (where the > > >>> > > snapshot versions are hosted), which is added for Maven in the > root > > >>> > > pom.xml: > > >>> > > > > >>> > > > > >>> > > > >>> > > > https://github.com/apache/knox/pull/2/files#diff-600376dffeb79835ede4a0b285078036R123 > > >>> > > > > >>> > > If you use Ant for the build, there is maybe a glitch to find the > > >>> > Sonatype > > >>> > > Maven repo. > > >>> > > > > >>> > > Thanks. > > >>> > > Best regards, > > >>> > > Jérôme > > >>> > > > > >>> > > > > >>> > > 2015-12-02 16:06 GMT+01:00 larry mccay <[email protected]>: > > >>> > > > > >>> > > > Oh - do I need to build j2e-pac4 locally in order to resolve > the > > >>> > > > dependencies? > > >>> > > > > > >>> > > > [ERROR] Failed to execute goal on project > > >>> > > gateway-provider-security-pac4j: > > >>> > > > Could not resolve dependencies for project > > >>> > > > > > >>> org.apache.knox:gateway-provider-security-pac4j:jar:0.7.0-SNAPSHOT: > The > > >>> > > > following artifacts could not be resolved: > > >>> > > > org.pac4j:j2e-pac4j:jar:1.2.1-SNAPSHOT, > > >>> > > > org.pac4j:pac4j-http:jar:1.8.1-SNAPSHOT, > > >>> > > > org.pac4j:pac4j-config:jar:1.8.1-SNAPSHOT: Could not find > > artifact > > >>> > > > org.pac4j:j2e-pac4j:jar:1.2.1-SNAPSHOT in public ( > > >>> > > > > > http://nexus-private.hortonworks.com/nexus/content/groups/public/) > > >>> -> > > >>> > > > [Help > > >>> > > > 1] > > >>> > > > > > >>> > > > On Wed, Dec 2, 2015 at 10:05 AM, larry mccay < > > >>> [email protected]> > > >>> > > > wrote: > > >>> > > > > > >>> > > > > gateway-provider-security-pac4j doesn't build - do you have a > > >>> pending > > >>> > > > > change for your pom.xml or something? > > >>> > > > > > > >>> > > > >>> > > >> > > >> > > > > > >
