summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorZlatko Murgoski <zlatko.murgoski@nokia.com>2019-03-15 15:05:15 +0100
committerZlatko Murgoski <zlatko.murgoski@nokia.com>2019-03-15 15:14:01 +0100
commit580eae246a3ac7bf9533df96d20c0fc9b5425d3c (patch)
treedd8062ee9ad233692bb11576b2addbe390fb8c92
parent3a715095c50917f955ea2ea495febe08481e2c16 (diff)
Collector authentication enhancement doc
Collector authentication enhancement doc update Change-Id: I03a05cb83dd8c498fb218e82e9b3958348fbb4ac Issue-ID: DCAEGEN2-1101 Signed-off-by: Zlatko Murgoski <zlatko.murgoski@nokia.com>
-rw-r--r--docs/sections/services/ves-http/configuration.rst5
-rw-r--r--docs/sections/services/ves-http/tls-authentication.rst8
2 files changed, 8 insertions, 5 deletions
diff --git a/docs/sections/services/ves-http/configuration.rst b/docs/sections/services/ves-http/configuration.rst
index c7f2fe6e..a6862f58 100644
--- a/docs/sections/services/ves-http/configuration.rst
+++ b/docs/sections/services/ves-http/configuration.rst
@@ -56,11 +56,10 @@ VES expects to be able to fetch configuration directly from consul service in fo
}
},
"collector.service.secure.port": "8443",
- "header.authflag": "0",
+ "auth.method": "noAuth",
"collector.keystore.file.location": "/opt/app/VESCollector/etc/keystore",
- "collector.keystore.alias": "dynamically generated",
"services_calls": [],
- "header.authlist": "sample1,c2FtcGxlMQ=="
+ "header.authlist": "sample1,$2a$10$0buh.2WeYwN868YMwnNNEuNEAMNYVU9.FSMJGyIKV3dGET/7oGOi6"
}
diff --git a/docs/sections/services/ves-http/tls-authentication.rst b/docs/sections/services/ves-http/tls-authentication.rst
index b3cbafdf..b5226dc5 100644
--- a/docs/sections/services/ves-http/tls-authentication.rst
+++ b/docs/sections/services/ves-http/tls-authentication.rst
@@ -15,6 +15,10 @@ Of course, mutual TLS authentication requires also server certificates, so follo
* *collector.keystore.file.location* - a path to jks key store containing certificates which can be used for TLS handshake
* *collector.keystore.passwordfile* - a path to file containing a password for the key store
- * *collector.keystore.alias* - a name of a certificate from a key store which VES will use during TLS handshake
-Property *header.authflag=1* may by used along *collector.service.secure.clientauth=1* in order to enable mutual TLS authentication and basic HTTP authentication.
+Property *auth.method* is used to manage security mode, possible configuration: noAuth, basicAuth, certOnly, certBasicAuth
+
+ * *auth.method=noAuth* default option - no security (http)
+ * *auth.method=certOnly* is used to enable mutual TLS authentication (https)
+ * *auth.method=certBasicAuth* is used to enable mutual TLS authentication or/and basic HTTPs authentication
+ * *auth.method=basicAuth* is used to enable basic HTTPs authentication \ No newline at end of file