Remove a provider parameter in an existing provider configuration
An example of how to remove the authentication parameter from a shared provider configuration.
In this example you will see how to remove an authentication provider
parameter in the
pam
shared provider configuration. This particular
provider is set as
follows:{ "providers" : [ { "role" : "authentication", "name" : "ShiroProvider", "enabled" : true, "params" : { "main.pamRealm" : "org.apache.knox.gateway.shirorealm.KnoxPamRealm", "main.pamRealm.service" : "login", "sessionTimeout" : "30" } } ], "readOnly" : true }
-
From Cloudera Manager > Knox > Configuration, add the following entry in the
Knox Gateway Advanced Configuration Snippet (Safety Valve) for conf/cdp-resources.xml
:- name =
providerConfigs:pam
- value =
role=authentication#authentication.name=ShiroProvider#authentication.param.remove=sessionTimeout#authentication.param.main.pamRealm=org.apache.knox.gateway.shirorealm.KnoxPamRealm#authentication.param.main.pamRealm.service=login
- name =
- Save your changes.
- Refresh the cluster.
-
Validate:
$ curl -ku <username>:<password> 'https://johndoe-1.abc.cloudera.com:8443/gateway/admin/api/v1/providerconfig/pam'{ "providers" : [ { "role" : "authentication", "name" : "ShiroProvider", "enabled" : true, "params" : { "main.pamRealm" : "org.apache.knox.gateway.shirorealm.KnoxPamRealm", "main.pamRealm.service" : "login" } } ], "readOnly" : true }