2. Set up Basic Identity Assertion

When you define the Pseudo identity-assertion provider without parameters, the authenticated user is asserted as the effective user. For example, using simple assertion if a user authenticates as "guest", the user's identity for grouping, authorization, and running the request is "guest".

To define a basic identify-assertion provider:

  1. Open the cluster topology descriptor file, $cluster-name.xml, in a text editor.

  2. Add a Pseudo identity-assertion provider to topology/gateway as follows:

    <provider>
       <role>identity-assertion</role>
       <name>Pseudo</name>
       <enabled>true</enabled>
    </provider>
  3. Save the file.

    The gateway creates a new WAR file with modified timestamp in /var/lib/knox/data/deployments .


loading table of contents...