apache/kyuubi
1
0
Fork 0
Code Issues Pull Requests Actions 5 Packages Projects Releases Wiki Activity
5f98539c82
kyuubi/docs/security/authentication.rst
liangbowen 97b14f8bc3
[KYUUBI #3275] [KYUUBI 3269] [DOCS] Doc for JDBC authentication provider 
### _Why are the changes needed?_

fix https://github.com/apache/incubator-kyuubi/issues/3269

Add docs for JDBC auth provider from https://github.com/apache/incubator-kyuubi/issues/3222 shipping within 1.6.0, add jdbc.rst in /docs/security path
simplify the config docs for kyuubi.authentication.jdbc.query in /docs/deployment/settings.md by moving examples to the docs of jdbc auth provider.

### _How was this patch tested?_
- [ ] Add some test cases that check the changes thoroughly including negative and positive cases if possible

- [ ] Add screenshots for manual tests if appropriate

- [x] [Run test](https://kyuubi.apache.org/docs/latest/develop_tools/testing.html#running-tests) locally before make a pull request

Closes #3275 from bowenliang123/doc-jdbc-auth.

Closes #3275

e393f6db [liangbowen] fix config example mistakes
ab70cc8d [liangbowen] update doc for auth query sql
ebd5e194 [liangbowen] update doc description
0b15af59 [liangbowen] typo
953000fe [liangbowen] typo
ab944e73 [liangbowen] typo
e3c3d259 [liangbowen] regenerate conf docs. udpate jdbc.md.
45429ada [liangbowen] typo
3b05338e [liangbowen] add docs for jdbc authentication provider

Authored-by: liangbowen <liangbowen@gf.com.cn>
Signed-off-by: Kent Yao <yao@apache.org>
2022-08-19 17:38:05 +08:00

47 lines
1.8 KiB
ReStructuredText
Raw Blame History

.. Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
.. http://www.apache.org/licenses/LICENSE-2.0
.. Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Kyuubi Authentication Mechanism
=================================
In a secure cluster, services should be able to identify and authenticate
callers. As the fact that the user claims does not necessarily mean this
is true.
The authentication process of kyuubi is used to verify the user identity
that a client used to talk to the kyuubi server. Once done, a trusted
connection will be set up between the client and server if successful;
otherwise, rejected.
.. note:: This only authenticate whether a user or client can connect
with Kyuubi server or not using the provided identity.
For other secured services that this user wants to interact with, he/she
also needs to pass the authentication process of each service, for instance,
Hive Metastore, YARN, HDFS.
The related configurations can be found at `Authentication Configurations`_
.. toctree::
:maxdepth: 2
kerberos
../client/advanced/kerberos
ldap
jdbc
../extensions/server/authentication
.. _Authentication Configurations: ../deployment/settings.html#authentication
Reference in New Issue View Git Blame Copy Permalink