ACCUMULO-3045 Update user manual for CredentialProviderToken.
Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/d5e094dd Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/d5e094dd Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/d5e094dd Branch: refs/heads/master Commit: d5e094ddf3b6dd028f23a5f1069ff2147cbf2c70 Parents: 4d70739 Author: Josh Elser <els...@apache.org> Authored: Thu Aug 7 14:27:30 2014 -0400 Committer: Josh Elser <els...@apache.org> Committed: Thu Aug 7 14:27:30 2014 -0400 ---------------------------------------------------------------------- .../accumulo_user_manual/chapters/administration.tex | 4 ++++ .../main/latex/accumulo_user_manual/chapters/clients.tex | 10 ++++++++++ 2 files changed, 14 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/accumulo/blob/d5e094dd/docs/src/main/latex/accumulo_user_manual/chapters/administration.tex ---------------------------------------------------------------------- diff --git a/docs/src/main/latex/accumulo_user_manual/chapters/administration.tex b/docs/src/main/latex/accumulo_user_manual/chapters/administration.tex index 78becca..d524def 100644 --- a/docs/src/main/latex/accumulo_user_manual/chapters/administration.tex +++ b/docs/src/main/latex/accumulo_user_manual/chapters/administration.tex @@ -261,6 +261,10 @@ This configuration will then transparently extract the \texttt{instance.secret} the configured KeyStore and alleviates a human readable storage of the sensitive property. +A KeyStore can also be stored in HDFS, which will make the KeyStore readily available to +all Accumulo servers. If the local filesystem is used, be aware that each Accumulo server +will expect the KeyStore in the same location. + \section{Initialization} Accumulo must be initialized to create the structures it uses internally to locate http://git-wip-us.apache.org/repos/asf/accumulo/blob/d5e094dd/docs/src/main/latex/accumulo_user_manual/chapters/clients.tex ---------------------------------------------------------------------- diff --git a/docs/src/main/latex/accumulo_user_manual/chapters/clients.tex b/docs/src/main/latex/accumulo_user_manual/chapters/clients.tex index 1dbe564..8f8bbdf 100644 --- a/docs/src/main/latex/accumulo_user_manual/chapters/clients.tex +++ b/docs/src/main/latex/accumulo_user_manual/chapters/clients.tex @@ -61,6 +61,16 @@ Instance inst = new ZooKeeperInstance(instanceName, zooServers); Connector conn = inst.getConnector("user", new PasswordToken("passwd")); \end{verbatim}\endgroup +The PasswordToken is the most common implementation of an \texttt{AuthenticationToken}. +This general interface allow authentication as an Accumulo user to come from +a variety of sources or means. The CredentialProviderToken leverages the Hadoop +CredentialProviders (new in Hadoop 2.6). + +For example, the CredentialProviderToken can be used in conjunction with a Java +KeyStore to alleviate passwords stored in cleartext. When stored in HDFS, a single +KeyStore can be used across an entire instance. Be aware that KeyStores stored on +the local filesystem must be made available to all nodes in the Accumulo cluster. + \section{Writing Data} Data are written to Accumulo by creating Mutation objects that represent all the
