[GitHub] [pulsar-site] Anonymitaet commented on a diff in pull request #558: Minor improvements to OIDC docs
Anonymitaet commented on code in PR #558: URL: https://github.com/apache/pulsar-site/pull/558#discussion_r1190503177 ## docs/security-openid-connect.md: ## @@ -21,9 +25,9 @@ After authenticating with the Identity Provider, the Pulsar client gets an acces 7. When token validation is successful, the Pulsar Server extracts the `sub` claim from the token (or the configured `openIDRoleClaim`) and uses it as the principal for authorization. 8. When the token expires, the Pulsar Server challenges the client to re-authenticate with the Identity Provider and provide a new access token. If the client fails to re-authenticate, the Pulsar Server closes the connection. -## Enable OpenID Connect Authentication in the Brokers, Proxies, and WebSocket Proxies +## Enable OpenID Connect Authentication in the Broker and Proxy -To configure Pulsar Servers to authenticate clients using OpenID Connect, add the following parameters to the `conf/broker.conf`, the `conf/proxy.conf`, and the `conf/websocket.conf` files. If you use a standalone Pulsar, you need to add these parameters to the `conf/standalone.conf` file: +To configure Pulsar Servers to authenticate clients using OpenID Connect, add the following parameters to the `conf/broker.conf` and the `conf/proxy.conf`. If you use a standalone Pulsar, you need to add these parameters to the `conf/standalone.conf` file: Review Comment: I think we do not need to capitalize them because they are not proper nouns (e.g., Mac, Apple Watch). ## docs/security-openid-connect.md: ## @@ -21,9 +25,9 @@ After authenticating with the Identity Provider, the Pulsar client gets an acces 7. When token validation is successful, the Pulsar Server extracts the `sub` claim from the token (or the configured `openIDRoleClaim`) and uses it as the principal for authorization. 8. When the token expires, the Pulsar Server challenges the client to re-authenticate with the Identity Provider and provide a new access token. If the client fails to re-authenticate, the Pulsar Server closes the connection. -## Enable OpenID Connect Authentication in the Brokers, Proxies, and WebSocket Proxies +## Enable OpenID Connect Authentication in the Broker and Proxy -To configure Pulsar Servers to authenticate clients using OpenID Connect, add the following parameters to the `conf/broker.conf`, the `conf/proxy.conf`, and the `conf/websocket.conf` files. If you use a standalone Pulsar, you need to add these parameters to the `conf/standalone.conf` file: +To configure Pulsar Servers to authenticate clients using OpenID Connect, add the following parameters to the `conf/broker.conf` and the `conf/proxy.conf`. If you use a standalone Pulsar, you need to add these parameters to the `conf/standalone.conf` file: Review Comment: We do not need to capitalize them because they are not proper nouns (e.g., Mac, Apple Watch). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@pulsar.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [pulsar-site] Anonymitaet commented on a diff in pull request #558: Minor improvements to OIDC docs
Anonymitaet commented on code in PR #558: URL: https://github.com/apache/pulsar-site/pull/558#discussion_r1190502294 ## docs/security-openid-connect.md: ## @@ -8,6 +8,10 @@ Apache Pulsar supports authenticating clients using [OpenID Connect](https://ope The source code for the OpenID Connect implementation is in the [pulsar-broker-auth-oidc](https://github.com/apache/pulsar/blob/master/pulsar-broker-auth-oidc/) submodule in the Apache Pulsar git repo. +:::note +Pulsar's OpenID Connect integration was introduced in Pulsar 3.0.0. As always, if you encounter any issues, please ask questions on Pulsar channels and open issues in GitHub. Review Comment: How about this? ::: note Pulsar's OpenID Connect integration is available from 3.0.0. Currently, this feature is in beta. ::: ## docs/security-openid-connect.md: ## @@ -8,6 +8,10 @@ Apache Pulsar supports authenticating clients using [OpenID Connect](https://ope The source code for the OpenID Connect implementation is in the [pulsar-broker-auth-oidc](https://github.com/apache/pulsar/blob/master/pulsar-broker-auth-oidc/) submodule in the Apache Pulsar git repo. +:::note +Pulsar's OpenID Connect integration was introduced in Pulsar 3.0.0. As always, if you encounter any issues, please ask questions on Pulsar channels and open issues in GitHub. Review Comment: How about this? > ::: note > > Pulsar's OpenID Connect integration is available from 3.0.0. Currently, this feature is in beta. > > ::: -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@pulsar.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [pulsar-site] Anonymitaet commented on a diff in pull request #558: Minor improvements to OIDC docs
Anonymitaet commented on code in PR #558: URL: https://github.com/apache/pulsar-site/pull/558#discussion_r1186952146 ## docs/security-openid-connect.md: ## @@ -21,9 +25,9 @@ After authenticating with the Identity Provider, the Pulsar client gets an acces 7. When token validation is successful, the Pulsar Server extracts the `sub` claim from the token (or the configured `openIDRoleClaim`) and uses it as the principal for authorization. 8. When the token expires, the Pulsar Server challenges the client to re-authenticate with the Identity Provider and provide a new access token. If the client fails to re-authenticate, the Pulsar Server closes the connection. -## Enable OpenID Connect Authentication in the Brokers, Proxies, and WebSocket Proxies +## Enable OpenID Connect Authentication in the Broker and Proxy -To configure Pulsar Servers to authenticate clients using OpenID Connect, add the following parameters to the `conf/broker.conf`, the `conf/proxy.conf`, and the `conf/websocket.conf` files. If you use a standalone Pulsar, you need to add these parameters to the `conf/standalone.conf` file: +To configure Pulsar Servers to authenticate clients using OpenID Connect, add the following parameters to the `conf/broker.conf` and the `conf/proxy.conf`. If you use a standalone Pulsar, you need to add these parameters to the `conf/standalone.conf` file: Review Comment: ```suggestion To configure Pulsar servers to authenticate clients using OpenID Connect, add the following parameters to the `conf/broker.conf` and the `conf/proxy.conf`. If you use a standalone Pulsar, add these parameters to the `conf/standalone.conf` file: ``` ## docs/security-openid-connect.md: ## @@ -8,6 +8,10 @@ Apache Pulsar supports authenticating clients using [OpenID Connect](https://ope The source code for the OpenID Connect implementation is in the [pulsar-broker-auth-oidc](https://github.com/apache/pulsar/blob/master/pulsar-broker-auth-oidc/) submodule in the Apache Pulsar git repo. +:::note +Pulsar's OpenID Connect integration was introduced in Pulsar 3.0.0. As always, if you encounter any issues, please ask questions on Pulsar channels and open issues in GitHub. Review Comment: ```suggestion Pulsar's OpenID Connect integration is available from 3.0.0. ``` > As always, if you encounter any issues, please ask questions on Pulsar channels and open issues in GitHub. We do not need to add this because: 1) it's a common practice for developers 2) it's applicable for all features/improvements/... If we add this here, we need to add this everywhere -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@pulsar.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
