Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[MINOR] fix(docs): Modify the required value for the document security.md #1223

Merged
merged 1 commit into from
Dec 20, 2023
Merged

[MINOR] fix(docs): Modify the required value for the document security.md #1223

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 19 additions & 19 deletions docs/security.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,11 +55,11 @@ GravitinoClient client = GravitinoClient.builder(uri)

| Configuration item | Description | Default value | Required | Since version |
|---------------------------------------------------|-----------------------------------------------------------------------------|-------------------|-----------------------------------------|---------------|
| `gravitino.authenticator` | The authenticator which Gravitino uses, setting as `simple` or `oauth`. | `simple` | Yes | 0.3.0 |
| `gravitino.authenticator.oauth.serviceAudience` | The audience name when Gravitino uses OAuth as the authenticator. | `GravitinoServer` | Yes if use `oauth` as the authenticator | 0.3.0 |
| `gravitino.authenticator.oauth.allowSkewSecs` | The JWT allows skew seconds when Gravitino uses OAuth as the authenticator. | `0` | Yes if use `oauth` as the authenticator | 0.3.0 |
| `gravitino.authenticator` | The authenticator which Gravitino uses, setting as `simple` or `oauth`. | `simple` | No | 0.3.0 |
| `gravitino.authenticator.oauth.serviceAudience` | The audience name when Gravitino uses OAuth as the authenticator. | `GravitinoServer` | No | 0.3.0 |
| `gravitino.authenticator.oauth.allowSkewSecs` | The JWT allows skew seconds when Gravitino uses OAuth as the authenticator. | `0` | No | 0.3.0 |
| `gravitino.authenticator.oauth.defaultSignKey` | The signing key of JWT when Gravitino uses OAuth as the authenticator. | (none) | Yes if use `oauth` as the authenticator | 0.3.0 |
| `gravitino.authenticator.oauth.signAlgorithmType` | The signature algorithm when Gravitino uses OAuth as the authenticator. | `RS256` | Yes if use `oauth` as the authenticator | 0.3.0 |
| `gravitino.authenticator.oauth.signAlgorithmType` | The signature algorithm when Gravitino uses OAuth as the authenticator. | `RS256` | No | 0.3.0 |
| `gravitino.authenticator.oauth.serverUri` | The URI of the default OAuth server. | (none) | Yes if use `oauth` as the authenticator | 0.3.0 |
| `gravitino.authenticator.oauth.tokenPath` | The path for token of the default OAuth server. | (none) | Yes if use `oauth` as the authenticator | 0.3.0 |

Expand Down Expand Up @@ -152,35 +152,35 @@ Both Gravitino server and Iceberg REST service can configure HTTPS.

| Configuration item | Description | Default value | Required | Since version |
|-----------------------------------------------------|--------------------------------------------------------------------|---------------|---------------------------------------------------|---------------|
| `gravitino.server.webserver.enableHttps` | Enables HTTPS. | `false` | Yes | 0.3.0 |
| `gravitino.server.webserver.httpsPort` | The HTTPS port number of the Jetty web server. | `8433` | Yes if use HTTPS | 0.3.0 |
| `gravitino.server.webserver.enableHttps` | Enables HTTPS. | `false` | No | 0.3.0 |
| `gravitino.server.webserver.httpsPort` | The HTTPS port number of the Jetty web server. | `8433` | No | 0.3.0 |
| `gravitino.server.webserver.keyStorePath` | Path to the key store file. | (none) | Yes if use HTTPS | 0.3.0 |
| `gravitino.server.webserver.keyStorePassword` | Password to the key store. | (none) | Yes if use HTTPS | 0.3.0 |
| `gravitino.server.webserver.keyStoreType` | The type to the key store. | `JKS` | Yes if use HTTPS | 0.3.0 |
| `gravitino.server.webserver.keyStoreType` | The type to the key store. | `JKS` | No | 0.3.0 |
| `gravitino.server.webserver.managerPassword` | Manager password to the key store. | (none) | Yes if use HTTPS | 0.3.0 |
| `gravitino.server.webserver.tlsProtocol` | TLS protocol to use. The JVM must support the TLS protocol to use. | none | No | 0.3.0 |
| `gravitino.server.webserver.enableCipherAlgorithms` | The collection of enabled cipher algorithms. | `` | Yes if use HTTPS | 0.3.0 |
| `gravitino.server.webserver.enableClientAuth` | Enables the authentication of the client. | `false` | Yes if use HTTPS | 0.3.0 |
| `gravitino.server.webserver.trustStorePath` | Path to the trust store file. | none | Yes if use HTTPS | 0.3.0 |
| `gravitino.server.webserver.trustStorePassword` | Password to the trust store. | none | Yes if use HTTPS and the authentication of client | 0.3.0 |
| `gravitino.server.webserver.trustStoreType` | The type to the trust store. | `JKS` | Yes if use HTTPS and the authentication of client | 0.3.0 |
| `gravitino.server.webserver.tlsProtocol` | TLS protocol to use. The JVM must support the TLS protocol to use. | (none) | No | 0.3.0 |
| `gravitino.server.webserver.enableCipherAlgorithms` | The collection of enabled cipher algorithms. | `` | No | 0.3.0 |
| `gravitino.server.webserver.enableClientAuth` | Enables the authentication of the client. | `false` | No | 0.3.0 |
| `gravitino.server.webserver.trustStorePath` | Path to the trust store file. | (none) | Yes if use HTTPS and the authentication of client | 0.3.0 |
| `gravitino.server.webserver.trustStorePassword` | Password to the trust store. | (none) | Yes if use HTTPS and the authentication of client | 0.3.0 |
| `gravitino.server.webserver.trustStoreType` | The type to the trust store. | `JKS` | No | 0.3.0 |

### Iceberg REST service's configuration

| Configuration item | Description | Default value | Required | Since version |
|------------------------------------------------------------|--------------------------------------------------------------------|---------------|---------------------------------------------------|---------------|
| `gravitino.auxService.iceberg-rest.enableHttps` | Enables HTTPS. | `false` | Yes | 0.3.0 |
| `gravitino.auxService.iceberg-rest.httpsPort` | The HTTPS port number of the Jetty web server. | `8433` | Yes if use HTTPS | 0.3.0 |
| `gravitino.auxService.iceberg-rest.enableHttps` | Enables HTTPS. | `false` | No | 0.3.0 |
| `gravitino.auxService.iceberg-rest.httpsPort` | The HTTPS port number of the Jetty web server. | `8433` | No | 0.3.0 |
| `gravitino.auxService.iceberg-rest.keyStorePath` | Path to the key store file. | (none) | Yes if use HTTPS | 0.3.0 |
| `gravitino.auxService.iceberg-rest.keyStorePassword` | Password to the key store. | (none) | Yes if use HTTPS | 0.3.0 |
| `gravitino.auxService.iceberg-rest.keyStoreType` | The type to the key store. | `JKS` | Yes if use HTTPS | 0.3.0 |
| `gravitino.auxService.iceberg-rest.keyStoreType` | The type to the key store. | `JKS` | No | 0.3.0 |
| `gravitino.auxService.iceberg-rest.managerPassword` | Manager password to the key store. | (none) | Yes if use HTTPS | 0.3.0 |
| `gravitino.auxService.iceberg-rest.tlsProtocol` | TLS protocol to use. The JVM must support the TLS protocol to use. | (none) | Yes if use HTTPS | 0.3.0 |
| `gravitino.auxService.iceberg-rest.tlsProtocol` | TLS protocol to use. The JVM must support the TLS protocol to use. | (none) | No | 0.3.0 |
| `gravitino.auxService.iceberg-rest.enableCipherAlgorithms` | The collection of enabled cipher algorithms. | `` | No | 0.3.0 |
| `gravitino.auxService.iceberg-rest.enableClientAuth` | Enables the authentication of the client. | `false` | Yes if use HTTPS | 0.3.0 |
| `gravitino.auxService.iceberg-rest.enableClientAuth` | Enables the authentication of the client. | `false` | No | 0.3.0 |
| `gravitino.auxService.iceberg-rest.trustStorePath` | Path to the trust store file. | (none) | Yes if use HTTPS and the authentication of client | 0.3.0 |
| `gravitino.auxService.iceberg-rest.trustStorePassword` | Password to the trust store. | (none) | Yes if use HTTPS and the authentication of client | 0.3.0 |
| `gravitino.auxService.iceberg-rest.trustStoreType` | The type to the trust store. | `JKS` | Yes if use HTTPS and the authentication of client | 0.3.0 |
| `gravitino.auxService.iceberg-rest.trustStoreType` | The type to the trust store. | `JKS` | No | 0.3.0 |

Refer to the "Additional JSSE Standard Names" section of the [Java security guide](https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#jssenames) for the list of protocols related to tlsProtocol. You can find the list of `tlsProtocol` values for Java 8 in this document.

Expand Down