Docs for mutli-user feature added
Signed-off-by: Dominic Schabel <dominic.schabel@bosch-si.com>
diff --git a/concepts/authorization/index.html b/concepts/authorization/index.html
index e017778..f516995 100644
--- a/concepts/authorization/index.html
+++ b/concepts/authorization/index.html
@@ -10,7 +10,7 @@
<meta name="viewport" content="width=device-width,user-scalable=no,initial-scale=1,maximum-scale=1">
<meta http-equiv="X-UA-Compatible" content="IE=10" />
<title>Authorization - Eclipse hawkBit</title>
- <meta name="generator" content="Hugo 0.54.0" />
+ <meta name="generator" content="Hugo 0.55.5" />
<meta name="description" content="IoT. Update. Device.">
@@ -407,7 +407,7 @@
<p>However, keep in mind that hawkBit does not offer an off the shelf authentication provider to leverage these permissions and the underlying multi user/tenant capabilities of hawkBit. Check out <a href="http://projects.spring.io/spring-security/">Spring security documentation</a> for further information. In hawkBit <a href="https://github.com/eclipse/hawkbit/blob/master/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/SecurityAutoConfiguration.java">SecurityAutoConfiguration</a> is a good starting point for integration.</p>
-<p>The default implementation is single user/tenant with basic auth and the logged in user is provided with all permissions.</p>
+<p>The default implementation is single user/tenant with basic auth and the logged in user is provided with all permissions. Additionally, the application properties may be configured for multiple static users; see <a href="#multiple-users">Multiple Users</a> for details.</p>
<h2 id="ddi-api">DDI API</h2>
@@ -420,6 +420,28 @@
<h2 id="management-api-and-ui">Management API and UI</h2>
+<h3 id="multiple-users">Multiple Users</h3>
+
+<p>hawkBit optionally supports configuring multiple static users through the application properties. In this case, the user and password Spring security properties are ignored.
+An example configuration is given below.</p>
+
+<pre><code>hawkbit.server.im.users[0].username=admin
+hawkbit.server.im.users[0].password={noop}admin
+hawkbit.server.im.users[0].firstname=Test
+hawkbit.server.im.users[0].lastname=Admin
+hawkbit.server.im.users[0].email=admin@test.de
+hawkbit.server.im.users[0].permissions=ALL
+
+hawkbit.server.im.users[1].username=test
+hawkbit.server.im.users[1].password={noop}test
+hawkbit.server.im.users[1].firstname=Test
+hawkbit.server.im.users[1].lastname=Tester
+hawkbit.server.im.users[1].email=test@tester.com
+hawkbit.server.im.users[1].permissions=READ_TARGET,UPDATE_TARGET,CREATE_TARGET,DELETE_TARGET
+</code></pre>
+
+<p>A permissions value of <code>ALL</code> will provide that user will all possible permissions. Passwords need to be specified with the used password encoder in brackets. In this example, <code>noop</code> is used as the plaintext encoder. For production use, it is recommended to use a hash function designed for passwords such as <em>bcrypt</em>. See this <a href="https://spring.io/blog/2017/11/01/spring-security-5-0-0-rc1-released#password-storage-format">blog post</a> for more information on password encoders in Spring Security.</p>
+
<h3 id="delivered-permissions">Delivered Permissions</h3>
<ul>
@@ -551,7 +573,7 @@
<nav class="pagination" aria-label="Footer">
<div class="previous">
- <a href="https://www.eclipse.org/hawkbit/concepts/authentication/" title="Authentication">
+ <a href="https://www.eclipse.org/hawkbit/concepts/datamodel/" title="Data Model">
<span class="direction">
Previous
</span>
@@ -561,7 +583,7 @@
</div>
<div class="stretch">
<div class="title">
- Authentication
+ Data Model
</div>
</div>
</div>
@@ -571,14 +593,14 @@
<div class="next">
- <a href="https://www.eclipse.org/hawkbit/concepts/datamodel/" title="Data Model">
+ <a href="https://www.eclipse.org/hawkbit/concepts/authentication/" title="Authentication">
<span class="direction">
Next
</span>
<div class="page">
<div class="stretch">
<div class="title">
- Data Model
+ Authentication
</div>
</div>
<div class="button button-next" role="button" aria-label="Next">
