Disable a provider in an existing provider configuration

An example of how to disable the authorization provider in the manager shared provider configuration.

In this example you will see how to disable the authorization provider in the manager shared provider configuration. This particular authorization provider is set as follows (in its JSON descriptor):
{
         "role": "authorization",
         "name": "AclsAuthz",
         "enabled": "true",
         "params": {
            "knox.acl.mode": "OR",
            "knox.acl": "KNOX_ADMIN_USERS;KNOX_ADMIN_GROUPS;*"
         }
      }
  1. From Cloudera Manager > Knox > Configuration, add the following entry in the Knox Gateway Advanced Configuration Snippet (Safety Valve) for conf/cdp-descriptors.xml:
    • name = providerConfigs:manager
    • value = role=authorization#authorization.name=AclsAuthz#authorization.enabled=false#authorization.param.knox.acl=KNOX_ADMIN_USERS;KNOX_ADMIN_GROUPS;*#authorization.param.knox.acl.mode=OR
  2. Save your changes.
  3. Refresh the cluster.
  4. Validate:
    $ curl -ku knoxui:knoxui 'https://johndoe-1.abc.cloudera.com:8443/gateway/admin/api/v1/providerconfig/manager'
    {
      "providers" : [ 
     ...
      }, {
        "role" : "authorization",
        "name" : "AclsAuthz",
        "enabled" : false,
        "params" : {
          "knox.acl" : "myTestUser;KNOX_ADMIN_GROUPS;*",
          "knox.acl.mode" : "OR"
        }
      }, {
        "role" : "ha",
        "name" : "HaProvider",
        "enabled" : true,
        "params" : {
          "ATLAS" : "enabled=true;maxFailoverAttempts=3;failoverSleep=1000;maxRetryAttempts=300;retrySleep=1000"
        }
      } ]
    }
    

The only change is that the enabled flag was changed to false.