-.. ischooklib:: libca_rbac.so
+.. ischooklib:: libdhcp_rbac.so
.. _hooks-RBAC:
-``libca_rbac.so``: Role-Based Access Control
-============================================
+``libdhcp_rbac.so``: Role-Based Access Control
+==============================================
.. _hooks-RBAC-overview:
Role-Based Access Control (RBAC) Overview
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-Before the processing of commands in received HTTP requests, :ischooklib:`libca_rbac.so`
+Before the processing of commands in received HTTP requests, :ischooklib:`libdhcp_rbac.so`
takes specific parameters, e.g. the common-name part of the client
certificate subject name, to assign a role to the request.
The configuration associated with this role is used to accept or reject
.. note::
- :ischooklib:`libca_rbac.so` is available only to ISC customers with
+ :ischooklib:`libdhcp_rbac.so` is available only to ISC customers with
a paid support contract. For more information on subscription options,
please complete the form at https://www.isc.org/contact.
+
+.. note::
+
+ Since Kea 1.7.x the RBAC is no longer limited to teh Control Agent:
+ it can be used by any other server supporting HTTP/HTTPS control
+ sockets e.g. DHCPv4, DHCPv6 and DDNS servers.
+
.. _hooks-RBAC-config:
Role-Based Access Control Configuration
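Review bot: Typo in the added note: "limited to teh Control Agent" should read "limited to the Control Agent". In the same sentence, set off the example list with commas ("control sockets, e.g. DHCPv4, DHCPv6 and DDNS servers"). "the RBAC" would also read better as "RBAC" or "the RBAC hook library".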
All commands of the REST API are described in files in the source directory
``src/share/api``, or in installed Kea
-in ``.../share/kea/api``. :ischooklib:`libca_rbac.so` reads these files to take the name,
+in ``.../share/kea/api``. :ischooklib:`libdhcp_rbac.so` reads these files to take the name,
the access right (i.e. ``read`` or ``write``), and the hook name. The access right
-can be modified in the file but changes are only applied after the Control Agent
-restarts. Removing command definitions from ``.../share/kea/api`` has
+can be modified in the file but changes are only applied after the server or
+agent restarts. Removing command definitions from ``.../share/kea/api`` has
consequences: if the access control list is based on ``read`` or ``write`` and
-the definition file is missing, the Control Agent always rejects such
+the definition file is missing, the server or agent always rejects such
a command. If the access controls list is using ``commands`` to specify the
name of a command and the definition file from ``.../share/kea/api`` of this
particular command is missing, the Control Agent logs an error on startup
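Review bot: The last sentence of this paragraph still reads "the Control Agent logs an error on startup", while the two sentences above it were changed to "the server or agent". Since the hook is now described as usable by servers other than the Control Agent, this sentence should get the same wording so readers do not assume the startup error is specific to the agent. While touching the paragraph, "access controls list" could be aligned with "access control list" used two lines earlier.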
// Add hooks here.
"hooks-libraries": [
{
- "library": "/opt/lib/libca_rbac.so",
+ "library": "/opt/lib/libdhcp_rbac.so",
"parameters": {
// This section configures the RBAC hook library.
// Mandatory parameters.
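Review bot: The example's "library" value changes from "/opt/lib/libca_rbac.so" to "/opt/lib/libdhcp_rbac.so", but nothing in the visible text tells operators that existing configurations still pointing at the old file name need to be updated. Because this hook decides whether API commands are accepted or rejected, please add a short upgrade note near the configuration section naming the old and new library file names and saying what to change in "hooks-libraries".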