diff options
| author |   Zlatko Murgoski <zlatko.murgoski@nokia.com> | 2019-03-15 15:05:15 +0100 |
|---|---|---|
| committer | Zlatko Murgoski <zlatko.murgoski@nokia.com> | 2019-03-15 15:14:01 +0100 |
| commit | 580eae246a3ac7bf9533df96d20c0fc9b5425d3c (patch) | |
| tree | dd8062ee9ad233692bb11576b2addbe390fb8c92 | |
| parent | 3a715095c50917f955ea2ea495febe08481e2c16 (diff) | |
Collector authentication enhancement doc
Collector authentication enhancement doc update
Change-Id: I03a05cb83dd8c498fb218e82e9b3958348fbb4ac
Issue-ID: DCAEGEN2-1101
Signed-off-by: Zlatko Murgoski <zlatko.murgoski@nokia.com>
| -rw-r--r-- | docs/sections/services/ves-http/configuration.rst | 5 | ||||
| -rw-r--r-- | docs/sections/services/ves-http/tls-authentication.rst | 8 |
2 files changed, 8 insertions, 5 deletions
diff --git a/docs/sections/services/ves-http/configuration.rst b/docs/sections/services/ves-http/configuration.rst index c7f2fe6e..a6862f58 100644 --- a/docs/sections/services/ves-http/configuration.rst +++ b/docs/sections/services/ves-http/configuration.rst @@ -56,11 +56,10 @@ VES expects to be able to fetch configuration directly from consul service in fo } }, "collector.service.secure.port": "8443", - "header.authflag": "0", + "auth.method": "noAuth", "collector.keystore.file.location": "/opt/app/VESCollector/etc/keystore", - "collector.keystore.alias": "dynamically generated", "services_calls": [], - "header.authlist": "sample1,c2FtcGxlMQ==" + "header.authlist": "sample1,$2a$10$0buh.2WeYwN868YMwnNNEuNEAMNYVU9.FSMJGyIKV3dGET/7oGOi6" } diff --git a/docs/sections/services/ves-http/tls-authentication.rst b/docs/sections/services/ves-http/tls-authentication.rst index b3cbafdf..b5226dc5 100644 --- a/docs/sections/services/ves-http/tls-authentication.rst +++ b/docs/sections/services/ves-http/tls-authentication.rst @@ -15,6 +15,10 @@ Of course, mutual TLS authentication requires also server certificates, so follo * *collector.keystore.file.location* - a path to jks key store containing certificates which can be used for TLS handshake * *collector.keystore.passwordfile* - a path to file containing a password for the key store - * *collector.keystore.alias* - a name of a certificate from a key store which VES will use during TLS handshake -Property *header.authflag=1* may by used along *collector.service.secure.clientauth=1* in order to enable mutual TLS authentication and basic HTTP authentication. +Property *auth.method* is used to manage security mode, possible configuration: noAuth, basicAuth, certOnly, certBasicAuth + + * *auth.method=noAuth* default option - no security (http) + * *auth.method=certOnly* is used to enable mutual TLS authentication (https) + * *auth.method=certBasicAuth* is used to enable mutual TLS authentication or/and basic HTTPs authentication + * *auth.method=basicAuth* is used to enable basic HTTPs authentication
\ No newline at end of file |