Update authentication types description
Issue-ID: DCAEGEN2-1913
Signed-off-by: pawel <pawel.kasperkiewicz@nokia.com>
Change-Id: Ic8b611a65c1c7eb781265b2481f60952b7abfb24
diff --git a/docs/sections/services/ves-http/architecture.rst b/docs/sections/services/ves-http/architecture.rst
index 41f3e8f..960c9cc 100644
--- a/docs/sections/services/ves-http/architecture.rst
+++ b/docs/sections/services/ves-http/architecture.rst
@@ -33,7 +33,7 @@
------------------
- VES collector deployed as docker containers
- Acknowledgement to sender with appropriate response code (both successful and failure)
-- Authentication of the events posted to collector (support 4 types of authentication setting)
+- Authentication of the events posted to collector (support 2 types of authentication setting)
- Support single or batch JSON events input
- Schema validation (against standard VES definition)
- Multiple schema support and backward compatibility
diff --git a/docs/sections/services/ves-http/installation.rst b/docs/sections/services/ves-http/installation.rst
index 3f8f943..0e39930 100644
--- a/docs/sections/services/ves-http/installation.rst
+++ b/docs/sections/services/ves-http/installation.rst
@@ -34,9 +34,7 @@
VES Collector support following authentication types
* *auth.method=noAuth* default option - no security (http)
- * *auth.method=certOnly* is used to enable mutual TLS authentication (https)
* *auth.method=certBasicAuth* is used to enable mutual TLS authentication or/and basic HTTPs authentication
- * *auth.method=basicAuth* is used to enable basic HTTPs authentication
Default ONAP deployed VESCOllector is configured for "noAuth". If VESCollector instance need to be deployed with authentication enabled, follow below setup
@@ -218,7 +216,7 @@
cfy blueprint delete ves-tls
-Known Issue : When VESCollector is required to be deployed with authentication enabled *auth.method=certOnly* or *auth.method: certBasicAuth* or *auth.method: basicAuth*
+Known Issue : When VESCollector is required to be deployed with authentication enabled *auth.method: certBasicAuth*
the blueprint currently disables healthcheck parameters configuration (below). This causes no readiness probe to be deployed in K8S when VES Collector is deployed with authentication enabled.
diff --git a/docs/sections/services/ves-http/tls-authentication.rst b/docs/sections/services/ves-http/tls-authentication.rst
index 1ace393..1230138 100644
--- a/docs/sections/services/ves-http/tls-authentication.rst
+++ b/docs/sections/services/ves-http/tls-authentication.rst
@@ -22,18 +22,10 @@
* *collector.keystore.file.location* - a path to jks key store containing certificates which can be used for TLS handshake
* *collector.keystore.passwordfile* - a path to file containing a password for the key store
-Property *auth.method* is used to manage security mode, possible configuration: noAuth, basicAuth, certOnly, certBasicAuth
+Property *auth.method* is used to manage security mode, possible configuration: noAuth, certBasicAuth
* *auth.method=noAuth* default option - no security (http)
- * *auth.method=certOnly* is used to enable mutual TLS authentication (https)
-
- * client without cert and without basic auth = :red:`Authentication failure`
- * client without cert and wrong basic auth = :red:`Authentication failure`
- * client without cert and correct basic auth = :red:`Authentication failure`
- * client with cert and without/wrong basic auth = :green:`Authentication successful`
- * client with cert and correct basic auth = :green:`Authentication successful`
-
* *auth.method=certBasicAuth* is used to enable mutual TLS authentication or/and basic HTTPs authentication
* client without cert and without basic auth = :red:`Authentication failure`
@@ -42,13 +34,5 @@
* client with cert and without/wrong basic auth = :green:`Authentication successful`
* client with cert and correct basic auth = :green:`Authentication successful`
- * *auth.method=basicAuth* is used to enable basic HTTPs authentication
-
- * client without cert and without basic auth = :red:`Authentication failure`
- * client without cert and wrong basic auth = :red:`Authentication failure`
- * client without cert and correct basic auth = :green:`Authentication successful`
- * client with cert and without/wrong basic auth = :red:`Authentication failure`
- * client with cert and correct basic auth = :green:`Authentication successful`
-
-When application is in certOnly or certBasicAuth mode then certificates are also validated by regexp in /etc/certSubjectMatcher.properties,
+When application is in certBasicAuth mode then certificates are also validated by regexp in /etc/certSubjectMatcher.properties,
only SubjectDn field in certificate description are checked. Default regexp value is .* means that we approve all SubjectDN values.