Remove mentions of BASIC auth

projectnessie · Nov 14, 2023 · 1d1c1b9 · 1d1c1b9
1 parent 196760e
commit 1d1c1b9
Show file tree

Hide file tree

Showing 5 changed files with 11 additions and 36 deletions.
diff --git a/site/docs/develop/java.md b/site/docs/develop/java.md
@@ -207,21 +207,12 @@ api.transplantCommitsIntoBranch()
 Nessie has multiple `NessieAuthenticationProvider` implementations that allow different client authentication mechanisms as can be seen below.
 The documentation for how to configure Nessie server authentication can be found [here](../try/authentication.md).
 
-The `BasicAuthenticationProvider` allows connecting to a Nessie server that has `BASIC` authentication enabled.
-Note that `BASIC` is not supported in production and should only be used for development/testing.
-```java
-NessieApiV2 api =
-  NessieClientBuilder.createClientBuilder(null, null)
-  .withUri(URI.create("http://localhost:19120/api/v2"))
-  .withAuthentication(BasicAuthenticationProvider.create("my_username", "very_secret"))
-  .build(NessieApiV2.class);
-```
-
-Two other providers allow connecting to a Nessie server that has authentication enabled and expects
-a Bearer token to be provided in HTTP headers:
+When configured with authentication enabled, a Nessie server expects every HTTP request to contain a 
+valid Bearer token in an `Authorization` header. Two authentication providers allow a Nessie client
+to automatically add the required token to the HTTP requests:
 
 1. The `BearerAuthenticationProvider` is the simplest one and directly takes the Bearer token as a 
-parameter; the token must be valid for the entire duration of the client's lifetime:
+parameter; _the token must be valid for the entire duration of the client's lifetime_:
 
     ```java
     NessieApiV2 api =
@@ -250,6 +241,6 @@ token endpoint, which is then used as a Bearer token to authenticate against Nes
             .build(NessieApiV2.class);
     ```
 
-    The main advantage of the `Oauth2AuthenticationProvider` over `BearerAuthenticationProvider` is 
-    that the token is automatically refreshed when it expires. It has more configuration options, 
-    which are documented in the [Tools Configuration](../tools/client_config.md) section.
+The main advantage of the `Oauth2AuthenticationProvider` over `BearerAuthenticationProvider` is 
+that the token is automatically refreshed when it expires. It has more configuration options, 
+which are documented in the [Tools Configuration](../tools/client_config.md) section.
diff --git a/site/docs/tools/cli.md b/site/docs/tools/cli.md
@@ -54,7 +54,6 @@ Possible values for the `auth.type` property are:
 * `none` (default)
 * `bearer`
 * `aws`
-* `basic` (deprecated)
 
 When configuring authentication type `bearer`, the `auth.token` parameter should be set to a valid
 [OpenID token](https://openid.net/specs/openid-connect-core-1_0.html). The token can be set in the Nessie
@@ -65,10 +64,6 @@ When configuring authentication type `aws`, the client delegates to the [Boto](h
 library. You can configure credentials using any of the standard [Boto AWS methods](https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html#configuring-credentials).
 Additionally, the Nessie `auth.region` parameter should be set to the relevant AWS region.
 
-When configuring authentication type `basic`, both `auth.username` and `auth.password` parameters should be set.
-Note: the `basic` authentication type is considered insecure and Nessie Servers do not support it in production
-mode. This authentication type is can only be used when the Nessie Server runs in test or "development" mode.
-
 The command line interface can be configured with most of the above parameters via flags or by setting
 a config directory. The relevant configs can also be set via environment variables. These take precedence. The
 environment variable format is to append `NESSIE_` to a config parameter and nested configs are separated by a *_*. For

diff --git a/site/docs/tools/client_config.md b/site/docs/tools/client_config.md
@@ -113,7 +113,6 @@ The value of the `authentication.type` property can be one of the following:
 * `BEARER`
 * `OAUTH2`
 * `AWS`
-* `BASIC` (deprecated)
 
 ## Authentication Type `NONE`
 
@@ -222,11 +221,3 @@ For the `AWS` Authentication Type the `authentication.aws.region` property shoul
 AWS region where the Nessie Server endpoint is located.
 
 Additional AWS authentication configuration should be provided via standard AWS configuration files. 
-
-## Authentication Type `BASIC`
-
-For the `BASIC` Authentication Type the `authentication.username` and `authentication.password` properties
-should be set.
-
-Note: the `BASIC` authentication type is considered insecure and Nessie Servers do not support it in production
-mode. This authentication type can only be used when the Nessie Server runs in test or "development" mode.
diff --git a/site/docs/tools/iceberg/spark.md b/site/docs/tools/iceberg/spark.md
@@ -92,10 +92,10 @@ String fullPathToWarehouse = ...;
 // (if different from default branch).
 // Can be the name of a Nessie branch or tag name.
 String ref = "main";
-// Nessie authentication type (BASIC, NONE or AWS)
+// Nessie authentication type (NONE, BEARER, OAUTH2 or AWS)
 String authType = "NONE";
 
-    //for a local spark instance
+    // for a local spark instance
     conf.set("spark.jars.packages", "{{ iceberg_spark_runtime().spark_jar_package }},{{ nessie_spark_extensions().spark_jar_package }}")
         .set("spark.sql.extensions", "org.apache.iceberg.spark.extensions.IcebergSparkSessionExtensions,org.projectnessie.spark.extensions.NessieSparkSessionExtensions")
         .set("spark.sql.catalog.nessie.uri", url)
@@ -118,10 +118,9 @@ full_path_to_warehouse = ...
 # The ref or context that nessie will operate on (if different from default branch).
 # Can be the name of a Nessie branch or tag name.
 ref = "main"
-# Nessie authentication type (BASIC, NONE or AWS)
+# Nessie authentication type (NONE, BEARER, OAUTH2 or AWS)
 auth_type = "NONE"
 
-    # here we are assuming NONE authorisation
     spark = SparkSession.builder \
             .config("spark.jars.packages","{{ iceberg_spark_runtime().spark_jar_package }},{{ nessie_spark_extensions().spark_jar_package }}") \
             .config("spark.sql.extensions", "org.apache.iceberg.spark.extensions.IcebergSparkSessionExtensions,org.projectnessie.spark.extensions.NessieSparkSessionExtensions") \
@@ -143,7 +142,7 @@ The following properties are **required** in Spark when creating the Nessie Cata
 - `spark.sql.catalog.<catalog_name>.uri` : The location of the Nessie server.
 - `spark.sql.catalog.<catalog_name>.ref` : The default Nessie branch that the iceberg
   catalog will use.
-- `spark.sql.catalog.<catalog_name>.authentication.type` : The authentication type to be used, set to `NONE` by default. Please refer to the [authentication docs](../auth_config.md) for more info.
+- `spark.sql.catalog.<catalog_name>.authentication.type` : The authentication type to be used, set to `NONE` by default. Please refer to the [Configuration and authentication in Tools docs](../client_config.md) for more info.
 - `spark.sql.catalog.<catalog_name>.catalog-impl` : This **must** be `org.apache.iceberg.nessie.NessieCatalog` in order to tell Spark to use Nessie catalog implementation.
 - `spark.sql.catalog.<catalog_name>.warehouse` : The location where to store Iceberg tables managed by Nessie catalog.
 - `spark.sql.catalog.<catalog_name>` : This **must** be `org.apache.iceberg.spark.SparkCatalog`. This is a Spark

diff --git a/site/docs/try/configuration.md b/site/docs/try/configuration.md
@@ -253,7 +253,6 @@ The following configurations are advanced configurations needed for **legacy** v
 | Property                  | Default values | Type      | Description                           |
 |---------------------------|----------------|-----------|---------------------------------------|
 | `quarkus.http.port`       | `19120`        | `int`     | Sets the HTTP port                    |
-| `quarkus.http.auth.basic` |                | `boolean` | Sets if basic auth should be enabled. |
 
 
 !!! info