From 58e1f4118500eac9508661366c0e02d99d8fabc0 Mon Sep 17 00:00:00 2001
From: Lubomir Bucek <lubomir.bucek@eox.at>
Date: Tue, 10 Nov 2020 16:18:03 +0100
Subject: [PATCH] saving progress of access part of operator guide

---
 README.md                                  |  2 +-
 documentation/operator-guide/index.rst     |  1 +
 documentation/operator-guide/ingestion.rst |  4 +++-
 documentation/operator-guide/intro.rst     | 21 +++++++++++++--------
 4 files changed, 18 insertions(+), 10 deletions(-)

diff --git a/README.md b/README.md
index 6747a87d..734ddd8a 100644
--- a/README.md
+++ b/README.md
@@ -55,7 +55,7 @@ The following services are defined via docker compose files.
 
 ### shibauth
 
-* based on the external unicon/shibboleth-sp:3.0.4 Apache + Shibboleth image
+* based on the external unicon/shibboleth-sp:3.0.4 Apache + Shibboleth SP3 image
 * provides authentication and authorization via SAML2
 * docker configuration files set access control rules
 * traefik labels determine which services are protected via Shib
diff --git a/documentation/operator-guide/index.rst b/documentation/operator-guide/index.rst
index 249dfe69..4aa4e923 100644
--- a/documentation/operator-guide/index.rst
+++ b/documentation/operator-guide/index.rst
@@ -12,6 +12,7 @@ View Server - Operator Guide
    configuration
    management
    ingestion
+   access
 
 ..
    Indices and tables
diff --git a/documentation/operator-guide/ingestion.rst b/documentation/operator-guide/ingestion.rst
index 8efdac75..f81dfee0 100644
--- a/documentation/operator-guide/ingestion.rst
+++ b/documentation/operator-guide/ingestion.rst
@@ -292,4 +292,6 @@ The preprocessing step aims to ensure that cloud optimized GeoTIFF (COG) files a
 
 - If data are already in COGs and in favorable projection, which will be presented to the user for most of the times, direct registration should be used. This means, paths to individual products will be pushed directly to the register queues.
 
-- Also for cases, where preprocessing step would take too much time, direct registration allowing access to the metadata and catalog functions, while justifying slower rendering times can be preferred.
\ No newline at end of file
+- Also for cases, where preprocessing step would take too much time, direct registration allowing access to the metadata and catalog functions, while justifying slower rendering times can be preferred.
+
+Next chapter :ref:`access` describes used authorization and authentication concepts and lines out how the external access to individual components and service as such is configured.
\ No newline at end of file
diff --git a/documentation/operator-guide/intro.rst b/documentation/operator-guide/intro.rst
index 3ee54989..6e818495 100644
--- a/documentation/operator-guide/intro.rst
+++ b/documentation/operator-guide/intro.rst
@@ -32,6 +32,9 @@ respective Docker image in parenthesis):
 - Database (postgis)
 - Queue Manager (redis)
 - Log collector (fluentd)
+- Kibana (kibana)
+- Elasticsearch (elasticsearch)
+- Shibboleth SP3 (unicon/shibboleth-sp)
 
 These services are bundled and managed together in a Docker Swarm via
 Docker Compose configuration files.
@@ -50,15 +53,17 @@ the used images:
 
 - mdillon/postgis:10
 - redis
-- traefik:2.1
-- elasticsearch:7.9.0 
-- kibana:7.9.0  
+- traefik
+- elasticsearch
+- kibana
+- unicon/shibboleth-sp
 - atmoz/sftp
-- registry.gitlab.eox.at/esa/prism/vs/fluentd:latest
-- registry.gitlab.eox.at/esa/prism/vs/pvs_core:latest
-- registry.gitlab.eox.at/esa/prism/vs/pvs_cache:latest
-- registry.gitlab.eox.at/esa/prism/vs/pvs_preprocessor:latest
-- registry.gitlab.eox.at/esa/prism/vs/pvs_client:latest
+- registry.gitlab.eox.at/esa/prism/vs/fluentd
+- registry.gitlab.eox.at/esa/prism/vs/pvs_core
+- registry.gitlab.eox.at/esa/prism/vs/pvs_cache
+- registry.gitlab.eox.at/esa/prism/vs/pvs_preprocessor
+- registry.gitlab.eox.at/esa/prism/vs/pvs_client
+- registry.gitlab.eox.at/esa/prism/vs/pvs_ingestor
 
 Configuration Files
 -------------------
-- 
GitLab