Skip to content

[feat][doc] Add saslJaasServerRoleTokenSignerSecret parameter in security-kerberos.md #15172

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Anonymitaet merged 10 commits into from
May 16, 2022
Merged

[feat][doc] Add saslJaasServerRoleTokenSignerSecret parameter in security-kerberos.md #15172

Anonymitaet merged 10 commits into from
May 16, 2022

Conversation

@liudezhi2098
Copy link
Contributor

@liudezhi2098 liudezhi2098 commented Apr 14, 2022

Master Issue: #15121

Preview looks good:
image

Documentation

Check the box below and label this PR (if you have committer privilege).

Need to update docs?

  • doc

@github-actions
Copy link

github-actions bot commented Apr 14, 2022

@liudezhi2098:Thanks for your contribution. For this PR, do we need to update docs?
(The PR template contains info about doc, which helps others know more about the changes. Can you provide doc-related info in this and future PR descriptions? Thanks)

@liudezhi2098
Copy link
Contributor Author

liudezhi2098 commented Apr 14, 2022

@momo-jun PTAL

momo-jun
momo-jun reviewed Apr 14, 2022
View reviewed changes
momo-jun
momo-jun reviewed Apr 14, 2022
View reviewed changes
momo-jun
momo-jun reviewed Apr 15, 2022
View reviewed changes
momo-jun
momo-jun reviewed Apr 15, 2022
View reviewed changes
@Anonymitaet Anonymitaet added doc Your PR contains doc changes, no matter whether the changes are in markdown or code files. and removed doc-label-missing labels Apr 18, 2022
Anonymitaet
Anonymitaet reviewed Apr 18, 2022
View reviewed changes
site2/docs/reference-configuration.md Outdated
|tokenAudienceClaim| The token audience "claim" name, e.g. "aud", that will be used to get the audience from token. If not set, audience will not be verified. ||
|tokenAudience| The token audience stands for this broker. The field `tokenAudienceClaim` of a valid token, need contains this. ||
|saslJaasClientAllowedIds|This is a regexp, which limits the range of possible ids which can connect to the Broker using SASL. By default, it is set to `SaslConstants.JAAS_CLIENT_ALLOWED_IDS_DEFAULT`, which is ".*pulsar.*", so only clients whose id contains 'pulsar' are allowed to connect.|N/A|
|saslJaasServerSectionName|Service Principal, for login context name. By default, it is set to `SaslConstants.JAAS_DEFAULT_BROKER_SECTION_NAME`, which is "PulsarBroker".|N/A|
Copy link
Member

@Anonymitaet Anonymitaet Apr 18, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
|saslJaasServerSectionName|Service Principal, for login context name. By default, it is set to `SaslConstants.JAAS_DEFAULT_BROKER_SECTION_NAME`, which is "PulsarBroker".|N/A|
|saslJaasServerSectionName|Service Principal, for login context name. By default, it is set to `SaslConstants.JAAS_DEFAULT_BROKER_SECTION_NAME`, which is "PulsarBroker".|N/A|

what's the meaning of "Service Principal, for login context name. "?

Copy link
Contributor Author

@liudezhi2098 liudezhi2098 Apr 26, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is the concept of kerberos,principal can be understood as the user's identity, will bring this identity when you log in

@liudezhi2098 @Anonymitaet
Update site2/docs/reference-configuration.md
4e99411 
Co-authored-by: Anonymitaet <50226895+Anonymitaet@users.noreply.github.com>
@momo-jun
Copy link
Contributor

momo-jun commented May 12, 2022

Hi @liudezhi2098 , I noticed that the master code PR was merged two days ago. Does this doc PR need any updates?
If it is good to go, ping @Anonymitaet for a check and merge.

@liudezhi2098
Copy link
Contributor Author

liudezhi2098 commented May 14, 2022

Hi @liudezhi2098 , I noticed that the master code PR was merged two days ago. Does this doc PR need any updates? If it is good to go, ping @Anonymitaet for a check and merge.

need review again, thx.

@Anonymitaet Anonymitaet added this to the 2.11.0 milestone May 16, 2022
@Anonymitaet Anonymitaet merged commit 4ede975 into apache:master May 16, 2022
@Anonymitaet Anonymitaet changed the title [DOC]Add saslJaasServerRoleTokenSignerSecret parameter in security-kerberos.md [feat][doc] Add saslJaasServerRoleTokenSignerSecret parameter in security-kerberos.md May 16, 2022
@Anonymitaet
Copy link
Member

Anonymitaet commented May 16, 2022

@liudezhi2098 I've renamed your PR based on the Pulsar PR Naming Guideline. Please follow it, thanks.

Anonymitaet added a commit that referenced this pull request May 16, 2022
@Anonymitaet
Revert "[feat][doc]Add saslJaasServerRoleTokenSignerSecret parameter …
5345145 
…in security-kerberos.md (#15172)"

This reverts commit 4ede975.
@Anonymitaet Anonymitaet mentioned this pull request May 16, 2022
Merged
Anonymitaet added a commit that referenced this pull request May 17, 2022
@Anonymitaet
Revert "[feat][doc]Add saslJaasServerRoleTokenSignerSecret parameter …
52c8ad4 
…in security-kerberos.md (#15172)" (#15617)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Anonymitaet Anonymitaet Anonymitaet approved these changes

@momo-jun momo-jun momo-jun approved these changes

Assignees

@liudezhi2098 liudezhi2098

Labels

doc Your PR contains doc changes, no matter whether the changes are in markdown or code files.

Projects

None yet

Milestone

2.11.0

Development

Successfully merging this pull request may close these issues.

3 participants

@liudezhi2098 @momo-jun @Anonymitaet