apache
diff --git a/‎src/UserGuide/Master/Tree/Tools-System/CLI_apache.md‎
Lines changed: 1 addition & 110 deletions b/‎src/UserGuide/Master/Tree/Tools-System/CLI_apache.md‎
Lines changed: 1 addition & 110 deletions
diff --git a/‎src/UserGuide/Master/Tree/Tools-System/CLI_timecho.md‎
Lines changed: 1 addition & 110 deletions b/‎src/UserGuide/Master/Tree/Tools-System/CLI_timecho.md‎
Lines changed: 1 addition & 110 deletions
@@ -133,117 +133,8 @@ Special commands of Cli are below.
 | `help`                      | Get hints for CLI special commands                      |
 | `exit/quit`                 | Exit CLI                                                |
 
-### 2.4 Note on using the CLI with OpenID Connect Auth enabled on Server side
 
-Openid connect (oidc) uses keycloack as the authority authentication service of oidc service
-
-
-#### configuration
-
-The configuration is located in iotdb-system.properties , set the author_provider_class is org.apache.iotdb.commons.auth.authorizer.OpenIdAuthorizer Openid service is enabled, and the default value is org.apache.iotdb.db.auth.authorizer.LocalFileAuthorizer Indicates that the openid service is not enabled.
-
-```
-authorizer_provider_class=org.apache.iotdb.commons.auth.authorizer.OpenIdAuthorizer
-```
-
-If the openid service is turned on, openid_URL is required,openID_url value is http://ip:port/realms/{realmsName}
-
-```
-openID_url=http://127.0.0.1:8080/realms/iotdb/
-```
-
-#### keycloack configuration
-
-1、Download the keycloack file (This tutorial is version 21.1.0) and start keycloack in keycloack/bin
-
-```shell
-Shell >cd bin
-Shell >./kc.sh start-dev
-```
-
-2、use url(https://ip:port) login keycloack, the first login needs to create a user
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/login_keycloak.png?raw=true)
-
-3、Click administration console
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/AdministrationConsole.png?raw=true)
-
-4、In the master menu on the left, click Create realm and enter Realm name to create a new realm
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/add_Realm_1.jpg?raw=true)
-
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/add_Realm_2.jpg?raw=true)
-
-
-5、Click the menu clients on the left to create clients
-
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/client.jpg?raw=true)
-
-6、Click user on the left menu to create user
-
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/user.jpg?raw=true)
-
-7、Click the newly created user ID, click the credentials navigation, enter the password and close the temporary option. The configuration of keycloud is completed
-
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/pwd.jpg?raw=true)
-
-8、To create a role, click Roles on the left menu and then click the Create Role button to add a role
-
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/add_role1.jpg?raw=true)
-
-9、 Enter `iotdb_admin` in the Role Name and click the save button. Tip: `iotdb_admin` here cannot be any other name, otherwise even after successful login, you will not have permission to use iotdb's query, insert, create database, add users, roles and other functions
-
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/add_role2.jpg?raw=true)
-
-10、Click on the User menu on the left and then click on the user in the user list to add the `iotdb_admin` role we just created for that user
-
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/add_role3.jpg?raw=true)
-
-11、 Select Role Mappings, select the `iotdb_admin` role in Assign Role 
-
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/add_role4.jpg?raw=true)
-
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/add_role5.jpg?raw=true)
-
-
-Tip: If the user role is adjusted, you need to regenerate the token and log in to iotdb again to take effect
-
-The above steps provide a way for keycloak to log into iotdb. For more ways, please refer to keycloak configuration
-
-If OIDC is enabled on server side then no username / passwort is needed but a valid Access Token from the OIDC Provider.
-So as username you use the token and the password has to be empty, e.g.
-
-```shell
-Shell > bash sbin/start-cli.sh -h 10.129.187.21 -p 6667 -u {my-access-token} -pw ""
-```
-
-Among them, you need to replace {my access token} (note, including {}) with your token, that is, the value corresponding to access_token. The password is empty and needs to be confirmed again.
-
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/iotdbpw.jpeg?raw=true)
-
-
-How to get the token is dependent on your OpenID Connect setup and not covered here.
-In the simplest case you can get this via the command line with the `passwort-grant`.
-For example, if you use keycloack as OIDC and you have a realm with a client `iotdb` defined as public you could use
-the following `curl` command to fetch a token (replace all `{}` with appropriate values).
-
-```shell
-curl -X POST "https://{your-keycloack-server}/realms/{your-realm}/protocol/openid-connect/token" \                                                                                                                      
- -H "Content-Type: application/x-www-form-urlencoded" \
- -d "username={username}" \
- -d "password={password}" \
- -d 'grant_type=password' \
- -d "client_id=iotdb-client"
-```
-
-The response looks something like
-
-```json
-{"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJxMS1XbTBvelE1TzBtUUg4LVNKYXAyWmNONE1tdWNXd25RV0tZeFpKNG93In0.eyJleHAiOjE1OTAzOTgwNzEsImlhdCI6MTU5MDM5Nzc3MSwianRpIjoiNjA0ZmYxMDctN2NiNy00NTRmLWIwYmQtY2M2ZDQwMjFiNGU4IiwiaXNzIjoiaHR0cDovL2F1dGguZGVtby5wcmFnbWF0aWNpbmR1c3RyaWVzLmRlL2F1dGgvcmVhbG1zL0lvVERCIiwiYXVkIjoiYWNjb3VudCIsInN1YiI6ImJhMzJlNDcxLWM3NzItNGIzMy04ZGE2LTZmZThhY2RhMDA3MyIsInR5cCI6IkJlYXJlciIsImF6cCI6ImlvdGRiIiwic2Vzc2lvbl9zdGF0ZSI6IjA2MGQyODYyLTE0ZWQtNDJmZS1iYWY3LThkMWY3ODQ2NTdmMSIsImFjciI6IjEiLCJhbGxvd2VkLW9yaWdpbnMiOlsibG9jYWxob3N0OjgwODAiXSwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbIm9mZmxpbmVfYWNjZXNzIiwidW1hX2F1dGhvcml6YXRpb24iLCJpb3RkYl9hZG1pbiJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoiZW1haWwgcHJvZmlsZSIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJ1c2VyIn0.nwbrJkWdCNjzFrTDwKNuV5h9dDMg5ytRKGOXmFIajpfsbOutJytjWTCB2WpA8E1YI3KM6gU6Jx7cd7u0oPo5syHhfCz119n_wBiDnyTZkFOAPsx0M2z20kvBLN9k36_VfuCMFUeddJjO31MeLTmxB0UKg2VkxdczmzMH3pnalhxqpnWWk3GnrRrhAf2sZog0foH4Ae3Ks0lYtYzaWK_Yo7E4Px42-gJpohy3JevOC44aJ4auzJR1RBj9LUbgcRinkBy0JLi6XXiYznSC2V485CSBHW3sseXn7pSXQADhnmGQrLfFGO5ZljmPO18eFJaimdjvgSChsrlSEmTDDsoo5Q","expires_in":300,"refresh_expires_in":1800,"refresh_token":"eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJhMzZlMGU0NC02MWNmLTQ5NmMtOGRlZi03NTkwNjQ5MzQzMjEifQ.eyJleHAiOjE1OTAzOTk1NzEsImlhdCI6MTU5MDM5Nzc3MSwianRpIjoiNmMxNTBiY2EtYmE5NC00NTgxLWEwODEtYjI2YzhhMmI5YmZmIiwiaXNzIjoiaHR0cDovL2F1dGguZGVtby5wcmFnbWF0aWNpbmR1c3RyaWVzLmRlL2F1dGgvcmVhbG1zL0lvVERCIiwiYXVkIjoiaHR0cDovL2F1dGguZGVtby5wcmFnbWF0aWNpbmR1c3RyaWVzLmRlL2F1dGgvcmVhbG1zL0lvVERCIiwic3ViIjoiYmEzMmU0NzEtYzc3Mi00YjMzLThkYTYtNmZlOGFjZGEwMDczIiwidHlwIjoiUmVmcmVzaCIsImF6cCI6ImlvdGRiIiwic2Vzc2lvbl9zdGF0ZSI6IjA2MGQyODYyLTE0ZWQtNDJmZS1iYWY3LThkMWY3ODQ2NTdmMSIsInNjb3BlIjoiZW1haWwgcHJvZmlsZSJ9.ayNpXdNX28qahodX1zowrMGiUCw2AodlHBQFqr8Ui7c","token_type":"bearer","not-before-policy":0,"session_state":"060d2862-14ed-42fe-baf7-8d1f784657f1","scope":"email profile"}
-```
-
-The interesting part here is the access token with the key `access_token`.
-This has to be passed as username (with parameter `-u`) and empty password to the CLI.
-
-### 2.5 Batch Operation of Cli
+### 2.4 Batch Operation of Cli
 
 -e parameter is designed for the Cli/shell tool in the situation where you would like to manipulate IoTDB in batches through scripts. By using the -e parameter, you can operate IoTDB without entering the cli's input mode.
 
 
@@ -119,117 +119,8 @@ Special commands of Cli are below.
 | `help`                      | Get hints for CLI special commands                      |
 | `exit/quit`                 | Exit CLI                                                |
 
-## 4. Note on using the CLI with OpenID Connect Auth enabled on Server side
 
-Openid connect (oidc) uses keycloack as the authority authentication service of oidc service
-
-
-#### configuration
-
-The configuration is located in iotdb-system.properties , set the author_provider_class is org.apache.iotdb.commons.auth.authorizer.OpenIdAuthorizer Openid service is enabled, and the default value is org.apache.iotdb.db.auth.authorizer.LocalFileAuthorizer Indicates that the openid service is not enabled.
-
-```
-authorizer_provider_class=org.apache.iotdb.commons.auth.authorizer.OpenIdAuthorizer
-```
-
-If the openid service is turned on, openid_URL is required,openID_url value is http://ip:port/realms/{realmsName}
-
-```
-openID_url=http://127.0.0.1:8080/realms/iotdb/
-```
-
-#### keycloack configuration
-
-1、Download the keycloack file (This tutorial is version 21.1.0) and start keycloack in keycloack/bin
-
-```shell
-Shell >cd bin
-Shell >./kc.sh start-dev
-```
-
-2、use url(https://ip:port) login keycloack, the first login needs to create a user
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/login_keycloak.png?raw=true)
-
-3、Click administration console
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/AdministrationConsole.png?raw=true)
-
-4、In the master menu on the left, click Create realm and enter Realm name to create a new realm
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/add_Realm_1.jpg?raw=true)
-
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/add_Realm_2.jpg?raw=true)
-
-
-5、Click the menu clients on the left to create clients
-
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/client.jpg?raw=true)
-
-6、Click user on the left menu to create user
-
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/user.jpg?raw=true)
-
-7、Click the newly created user ID, click the credentials navigation, enter the password and close the temporary option. The configuration of keycloud is completed
-
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/pwd.jpg?raw=true)
-
-8、To create a role, click Roles on the left menu and then click the Create Role button to add a role
-
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/add_role1.jpg?raw=true)
-
-9、 Enter `iotdb_admin` in the Role Name and click the save button. Tip: `iotdb_admin` here cannot be any other name, otherwise even after successful login, you will not have permission to use iotdb's query, insert, create database, add users, roles and other functions
-
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/add_role2.jpg?raw=true)
-
-10、Click on the User menu on the left and then click on the user in the user list to add the `iotdb_admin` role we just created for that user
-
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/add_role3.jpg?raw=true)
-
-11、 Select Role Mappings, select the `iotdb_admin` role in Assign Role 
-
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/add_role4.jpg?raw=true)
-
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/add_role5.jpg?raw=true)
-
-
-Tip: If the user role is adjusted, you need to regenerate the token and log in to iotdb again to take effect
-
-The above steps provide a way for keycloak to log into iotdb. For more ways, please refer to keycloak configuration
-
-If OIDC is enabled on server side then no username / passwort is needed but a valid Access Token from the OIDC Provider.
-So as username you use the token and the password has to be empty, e.g.
-
-```shell
-Shell > bash sbin/start-cli.sh -h 10.129.187.21 -p 6667 -u {my-access-token} -pw ""
-```
-
-Among them, you need to replace {my access token} (note, including {}) with your token, that is, the value corresponding to access_token. The password is empty and needs to be confirmed again.
-
-![avatar](/img/UserGuide/CLI/Command-Line-Interface/iotdbpw.jpeg?raw=true)
-
-
-How to get the token is dependent on your OpenID Connect setup and not covered here.
-In the simplest case you can get this via the command line with the `passwort-grant`.
-For example, if you use keycloack as OIDC and you have a realm with a client `iotdb` defined as public you could use
-the following `curl` command to fetch a token (replace all `{}` with appropriate values).
-
-```shell
-curl -X POST "https://{your-keycloack-server}/realms/{your-realm}/protocol/openid-connect/token" \                                                                                                                      
- -H "Content-Type: application/x-www-form-urlencoded" \
- -d "username={username}" \
- -d "password={password}" \
- -d 'grant_type=password' \
- -d "client_id=iotdb-client"
-```
-
-The response looks something like
-
-```json
-{"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJxMS1XbTBvelE1TzBtUUg4LVNKYXAyWmNONE1tdWNXd25RV0tZeFpKNG93In0.eyJleHAiOjE1OTAzOTgwNzEsImlhdCI6MTU5MDM5Nzc3MSwianRpIjoiNjA0ZmYxMDctN2NiNy00NTRmLWIwYmQtY2M2ZDQwMjFiNGU4IiwiaXNzIjoiaHR0cDovL2F1dGguZGVtby5wcmFnbWF0aWNpbmR1c3RyaWVzLmRlL2F1dGgvcmVhbG1zL0lvVERCIiwiYXVkIjoiYWNjb3VudCIsInN1YiI6ImJhMzJlNDcxLWM3NzItNGIzMy04ZGE2LTZmZThhY2RhMDA3MyIsInR5cCI6IkJlYXJlciIsImF6cCI6ImlvdGRiIiwic2Vzc2lvbl9zdGF0ZSI6IjA2MGQyODYyLTE0ZWQtNDJmZS1iYWY3LThkMWY3ODQ2NTdmMSIsImFjciI6IjEiLCJhbGxvd2VkLW9yaWdpbnMiOlsibG9jYWxob3N0OjgwODAiXSwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbIm9mZmxpbmVfYWNjZXNzIiwidW1hX2F1dGhvcml6YXRpb24iLCJpb3RkYl9hZG1pbiJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoiZW1haWwgcHJvZmlsZSIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJ1c2VyIn0.nwbrJkWdCNjzFrTDwKNuV5h9dDMg5ytRKGOXmFIajpfsbOutJytjWTCB2WpA8E1YI3KM6gU6Jx7cd7u0oPo5syHhfCz119n_wBiDnyTZkFOAPsx0M2z20kvBLN9k36_VfuCMFUeddJjO31MeLTmxB0UKg2VkxdczmzMH3pnalhxqpnWWk3GnrRrhAf2sZog0foH4Ae3Ks0lYtYzaWK_Yo7E4Px42-gJpohy3JevOC44aJ4auzJR1RBj9LUbgcRinkBy0JLi6XXiYznSC2V485CSBHW3sseXn7pSXQADhnmGQrLfFGO5ZljmPO18eFJaimdjvgSChsrlSEmTDDsoo5Q","expires_in":300,"refresh_expires_in":1800,"refresh_token":"eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJhMzZlMGU0NC02MWNmLTQ5NmMtOGRlZi03NTkwNjQ5MzQzMjEifQ.eyJleHAiOjE1OTAzOTk1NzEsImlhdCI6MTU5MDM5Nzc3MSwianRpIjoiNmMxNTBiY2EtYmE5NC00NTgxLWEwODEtYjI2YzhhMmI5YmZmIiwiaXNzIjoiaHR0cDovL2F1dGguZGVtby5wcmFnbWF0aWNpbmR1c3RyaWVzLmRlL2F1dGgvcmVhbG1zL0lvVERCIiwiYXVkIjoiaHR0cDovL2F1dGguZGVtby5wcmFnbWF0aWNpbmR1c3RyaWVzLmRlL2F1dGgvcmVhbG1zL0lvVERCIiwic3ViIjoiYmEzMmU0NzEtYzc3Mi00YjMzLThkYTYtNmZlOGFjZGEwMDczIiwidHlwIjoiUmVmcmVzaCIsImF6cCI6ImlvdGRiIiwic2Vzc2lvbl9zdGF0ZSI6IjA2MGQyODYyLTE0ZWQtNDJmZS1iYWY3LThkMWY3ODQ2NTdmMSIsInNjb3BlIjoiZW1haWwgcHJvZmlsZSJ9.ayNpXdNX28qahodX1zowrMGiUCw2AodlHBQFqr8Ui7c","token_type":"bearer","not-before-policy":0,"session_state":"060d2862-14ed-42fe-baf7-8d1f784657f1","scope":"email profile"}
-```
-
-The interesting part here is the access token with the key `access_token`.
-This has to be passed as username (with parameter `-u`) and empty password to the CLI.
-
-## 5. Batch Operation of Cli
+## 4. Batch Operation of Cli
 
 -e parameter is designed for the Cli/shell tool in the situation where you would like to manipulate IoTDB in batches through scripts. By using the -e parameter, you can operate IoTDB without entering the cli's input mode.