Remove a provider parameter in an existing provider configuration
An example of how to remove the authentication parameter sessionTimeout from a shared provider configuration.
In this example you will see how to remove the authentication provider
parameter sessionTimeout in the
pam
shared
provider configuration. This particular provider is set as follows:{ "providers" : [ { "role" : "authentication", "name" : "ShiroProvider", "enabled" : true, "params" : { "main.pamRealm" : "org.apache.knox.gateway.shirorealm.KnoxPamRealm", "main.pamRealm.service" : "login", "sessionTimeout" : "30" } } ], "readOnly" : true }
- In Cloudera Manager, select the Knox service.
- Go to Configuration.
- Find the Knox Gateway Advanced Configuration Snippet (Safety Valve) for conf/cdp-resources.xml property.
-
Click View as XML and add the following.
<property><name>providerConfigs:pam</name><value>role=authentication#authentication.name=ShiroProvider#authentication.param.remove=sessionTimeout#authentication.param.main.pamRealm=org.apache.knox.gateway.shirorealm.KnoxPamRealm#authentication.param.main.pamRealm.service=login</value></property>
- Save your changes.
- Refresh the cluster.
-
Validate:
$ curl -ku <username>:<password> 'https://johndoe-1.abc.cloudera.com:8443/gateway/admin/api/v1/providerconfig/pam'{ "providers" : [ { "role" : "authentication", "name" : "ShiroProvider", "enabled" : true, "params" : { "main.pamRealm" : "org.apache.knox.gateway.shirorealm.KnoxPamRealm", "main.pamRealm.service" : "login" } } ], "readOnly" : true }