Skip to content

Commit

Permalink
[MINOR] fix(docs): Modify the required value for the document `securi…
Browse files Browse the repository at this point in the history 
…ty.md` (#1223)

### What changes were proposed in this pull request?

Modify the required value for the document `security.md`.
I modify some document mistakes by the way.

### Why are the changes needed?

According the review
#1191 (comment)
, modify the required value. If a config option has a default value,
this config option is not required.

### Does this PR introduce _any_ user-facing change?
No.

### How was this patch tested?
No need.

Co-authored-by: qqqttt123 <[email protected]>
Co-authored-by: Heng Qin <[email protected]>
  • Loading branch information
@github-actions @qqqttt123
3 people authored Dec 20, 2023
1 parent 5174f99 commit a4cce16
Showing 1 changed file with 19 additions and 19 deletions.
38 changes: 19 additions & 19 deletions docs/security.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,11 +55,11 @@ GravitinoClient client = GravitinoClient.builder(uri)

| Configuration item | Description | Default value | Required | Since version |
|---------------------------------------------------|-----------------------------------------------------------------------------|-------------------|-----------------------------------------|---------------|
| `gravitino.authenticator` | The authenticator which Gravitino uses, setting as `simple` or `oauth`. | `simple` | Yes | 0.3.0 |
| `gravitino.authenticator.oauth.serviceAudience` | The audience name when Gravitino uses OAuth as the authenticator. | `GravitinoServer` | Yes if use `oauth` as the authenticator | 0.3.0 |
| `gravitino.authenticator.oauth.allowSkewSecs` | The JWT allows skew seconds when Gravitino uses OAuth as the authenticator. | `0` | Yes if use `oauth` as the authenticator | 0.3.0 |
| `gravitino.authenticator` | The authenticator which Gravitino uses, setting as `simple` or `oauth`. | `simple` | No | 0.3.0 |
| `gravitino.authenticator.oauth.serviceAudience` | The audience name when Gravitino uses OAuth as the authenticator. | `GravitinoServer` | No | 0.3.0 |
| `gravitino.authenticator.oauth.allowSkewSecs` | The JWT allows skew seconds when Gravitino uses OAuth as the authenticator. | `0` | No | 0.3.0 |
| `gravitino.authenticator.oauth.defaultSignKey` | The signing key of JWT when Gravitino uses OAuth as the authenticator. | (none) | Yes if use `oauth` as the authenticator | 0.3.0 |
| `gravitino.authenticator.oauth.signAlgorithmType` | The signature algorithm when Gravitino uses OAuth as the authenticator. | `RS256` | Yes if use `oauth` as the authenticator | 0.3.0 |
| `gravitino.authenticator.oauth.signAlgorithmType` | The signature algorithm when Gravitino uses OAuth as the authenticator. | `RS256` | No | 0.3.0 |
| `gravitino.authenticator.oauth.serverUri` | The URI of the default OAuth server. | (none) | Yes if use `oauth` as the authenticator | 0.3.0 |
| `gravitino.authenticator.oauth.tokenPath` | The path for token of the default OAuth server. | (none) | Yes if use `oauth` as the authenticator | 0.3.0 |

Expand Down Expand Up @@ -152,35 +152,35 @@ Both Gravitino server and Iceberg REST service can configure HTTPS.

| Configuration item | Description | Default value | Required | Since version |
|-----------------------------------------------------|--------------------------------------------------------------------|---------------|---------------------------------------------------|---------------|
| `gravitino.server.webserver.enableHttps` | Enables HTTPS. | `false` | Yes | 0.3.0 |
| `gravitino.server.webserver.httpsPort` | The HTTPS port number of the Jetty web server. | `8433` | Yes if use HTTPS | 0.3.0 |
| `gravitino.server.webserver.enableHttps` | Enables HTTPS. | `false` | No | 0.3.0 |
| `gravitino.server.webserver.httpsPort` | The HTTPS port number of the Jetty web server. | `8433` | No | 0.3.0 |
| `gravitino.server.webserver.keyStorePath` | Path to the key store file. | (none) | Yes if use HTTPS | 0.3.0 |
| `gravitino.server.webserver.keyStorePassword` | Password to the key store. | (none) | Yes if use HTTPS | 0.3.0 |
| `gravitino.server.webserver.keyStoreType` | The type to the key store. | `JKS` | Yes if use HTTPS | 0.3.0 |
| `gravitino.server.webserver.keyStoreType` | The type to the key store. | `JKS` | No | 0.3.0 |
| `gravitino.server.webserver.managerPassword` | Manager password to the key store. | (none) | Yes if use HTTPS | 0.3.0 |
| `gravitino.server.webserver.tlsProtocol` | TLS protocol to use. The JVM must support the TLS protocol to use. | none | No | 0.3.0 |
| `gravitino.server.webserver.enableCipherAlgorithms` | The collection of enabled cipher algorithms. | `` | Yes if use HTTPS | 0.3.0 |
| `gravitino.server.webserver.enableClientAuth` | Enables the authentication of the client. | `false` | Yes if use HTTPS | 0.3.0 |
| `gravitino.server.webserver.trustStorePath` | Path to the trust store file. | none | Yes if use HTTPS | 0.3.0 |
| `gravitino.server.webserver.trustStorePassword` | Password to the trust store. | none | Yes if use HTTPS and the authentication of client | 0.3.0 |
| `gravitino.server.webserver.trustStoreType` | The type to the trust store. | `JKS` | Yes if use HTTPS and the authentication of client | 0.3.0 |
| `gravitino.server.webserver.tlsProtocol` | TLS protocol to use. The JVM must support the TLS protocol to use. | (none) | No | 0.3.0 |
| `gravitino.server.webserver.enableCipherAlgorithms` | The collection of enabled cipher algorithms. | `` | No | 0.3.0 |
| `gravitino.server.webserver.enableClientAuth` | Enables the authentication of the client. | `false` | No | 0.3.0 |
| `gravitino.server.webserver.trustStorePath` | Path to the trust store file. | (none) | Yes if use HTTPS and the authentication of client | 0.3.0 |
| `gravitino.server.webserver.trustStorePassword` | Password to the trust store. | (none) | Yes if use HTTPS and the authentication of client | 0.3.0 |
| `gravitino.server.webserver.trustStoreType` | The type to the trust store. | `JKS` | No | 0.3.0 |

### Iceberg REST service's configuration

| Configuration item | Description | Default value | Required | Since version |
|------------------------------------------------------------|--------------------------------------------------------------------|---------------|---------------------------------------------------|---------------|
| `gravitino.auxService.iceberg-rest.enableHttps` | Enables HTTPS. | `false` | Yes | 0.3.0 |
| `gravitino.auxService.iceberg-rest.httpsPort` | The HTTPS port number of the Jetty web server. | `8433` | Yes if use HTTPS | 0.3.0 |
| `gravitino.auxService.iceberg-rest.enableHttps` | Enables HTTPS. | `false` | No | 0.3.0 |
| `gravitino.auxService.iceberg-rest.httpsPort` | The HTTPS port number of the Jetty web server. | `8433` | No | 0.3.0 |
| `gravitino.auxService.iceberg-rest.keyStorePath` | Path to the key store file. | (none) | Yes if use HTTPS | 0.3.0 |
| `gravitino.auxService.iceberg-rest.keyStorePassword` | Password to the key store. | (none) | Yes if use HTTPS | 0.3.0 |
| `gravitino.auxService.iceberg-rest.keyStoreType` | The type to the key store. | `JKS` | Yes if use HTTPS | 0.3.0 |
| `gravitino.auxService.iceberg-rest.keyStoreType` | The type to the key store. | `JKS` | No | 0.3.0 |
| `gravitino.auxService.iceberg-rest.managerPassword` | Manager password to the key store. | (none) | Yes if use HTTPS | 0.3.0 |
| `gravitino.auxService.iceberg-rest.tlsProtocol` | TLS protocol to use. The JVM must support the TLS protocol to use. | (none) | Yes if use HTTPS | 0.3.0 |
| `gravitino.auxService.iceberg-rest.tlsProtocol` | TLS protocol to use. The JVM must support the TLS protocol to use. | (none) | No | 0.3.0 |
| `gravitino.auxService.iceberg-rest.enableCipherAlgorithms` | The collection of enabled cipher algorithms. | `` | No | 0.3.0 |
| `gravitino.auxService.iceberg-rest.enableClientAuth` | Enables the authentication of the client. | `false` | Yes if use HTTPS | 0.3.0 |
| `gravitino.auxService.iceberg-rest.enableClientAuth` | Enables the authentication of the client. | `false` | No | 0.3.0 |
| `gravitino.auxService.iceberg-rest.trustStorePath` | Path to the trust store file. | (none) | Yes if use HTTPS and the authentication of client | 0.3.0 |
| `gravitino.auxService.iceberg-rest.trustStorePassword` | Password to the trust store. | (none) | Yes if use HTTPS and the authentication of client | 0.3.0 |
| `gravitino.auxService.iceberg-rest.trustStoreType` | The type to the trust store. | `JKS` | Yes if use HTTPS and the authentication of client | 0.3.0 |
| `gravitino.auxService.iceberg-rest.trustStoreType` | The type to the trust store. | `JKS` | No | 0.3.0 |

Refer to the "Additional JSSE Standard Names" section of the [Java security guide](https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#jssenames) for the list of protocols related to tlsProtocol. You can find the list of `tlsProtocol` values for Java 8 in this document.

Expand Down

0 comments on commit a4cce16

Please sign in to comment.