apache/kyuubi
1
0
Fork 0
Code Issues Pull Requests Actions 5 Packages Projects Releases Wiki Activity
6c8024c8a4
kyuubi/docs/security/authentication.rst
Kent Yao 6c8024c8a4
[KYUUBI #3101] [Subtask][#3100] Build the content for extension points documentation 
### _Why are the changes needed?_

Build the content for extension points documentation, pre-work for #3100

<img width="1767" alt="image" src="https://user-images.githubusercontent.com/8326978/179930987-1accbbb7-e804-4230-871f-6c4b1152f4a1.png">

1. the extensions are divided into 2: server side and engine side extensions. (Do we have client side extension support?)
2. the server side authentication page is cross-referenced by the security section, see 1 in the picture.
3. the engine side ones are grouped by different compute frameworks.
4. connector is one type of extension, so we cross-reference the connector pages directly, see 2 & 3 in the picture.

### _How was this patch tested?_
- [ ] Add some test cases that check the changes thoroughly including negative and positive cases if possible

- [x] Add screenshots for manual tests if appropriate

- [x] [Run test](https://kyuubi.apache.org/docs/latest/develop_tools/testing.html#running-tests) locally before make a pull request

Closes #3103 from yaooqinn/3101.

Closes #3101

a9ae3e32 [Kent Yao] [KYUUBI #3101] [Subtask][#3100] Build content for extension points documentation
3b7367e9 [Kent Yao] [KYUUBI #3101] [Subtask][#3100] Build content for extension points documentation
b5eda13e [Kent Yao] [KYUUBI #3101] [Subtask][#3100] Build content for extension points documentation

Authored-by: Kent Yao <yao@apache.org>
Signed-off-by: Kent Yao <yao@apache.org>
2022-07-21 15:37:19 +08:00

46 lines
1.8 KiB
ReStructuredText
Raw Blame History

.. Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
.. http://www.apache.org/licenses/LICENSE-2.0
.. Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Kyuubi Authentication Mechanism
=================================
In a secure cluster, services should be able to identify and authenticate
callers. As the fact that the user claims does not necessarily mean this
is true.
The authentication process of kyuubi is used to verify the user identity
that a client used to talk to the kyuubi server. Once done, a trusted
connection will be set up between the client and server if successful;
otherwise, rejected.
.. note:: This only authenticate whether a user or client can connect
with Kyuubi server or not using the provided identity.
For other secured services that this user wants to interact with, he/she
also needs to pass the authentication process of each service, for instance,
Hive Metastore, YARN, HDFS.
The related configurations can be found at `Authentication Configurations`_
.. toctree::
:maxdepth: 2
kerberos
../client/advanced/kerberos
ldap
../extensions/server/authentication
.. _Authentication Configurations: ../deployment/settings.html#authentication
Reference in New Issue View Git Blame Copy Permalink