diff --git a/docs/automate/cmemc-command-line-interface/configuration/file-based-configuration/index.md b/docs/automate/cmemc-command-line-interface/configuration/file-based-configuration/index.md index 6f4eb533..ee34fa3c 100644 --- a/docs/automate/cmemc-command-line-interface/configuration/file-based-configuration/index.md +++ b/docs/automate/cmemc-command-line-interface/configuration/file-based-configuration/index.md @@ -269,3 +269,12 @@ Setting this to a PEM file allows for using private Certificate Authorities for Please refer to [Certificate handling and SSL verification](../certificate-handling-and-ssl-verification/index.md) for more information. This variable defaults to `$PYTHON_HOME/site-packages/certifi/cacert.pem`. + + +#### CMEMC_CUSTOM_HEADER_* + +Enabling this setting ensures that all HTTP requests made by cmemc include the specified custom headers. + +The CMEMC_CUSTOM_HEADER_ prefix is automatically removed, so only the header name (*) is used in the request. + +By default, this variable is set to none. diff --git a/docs/automate/cmemc-command-line-interface/configuration/getting-credentials-from-external-processes/index.md b/docs/automate/cmemc-command-line-interface/configuration/getting-credentials-from-external-processes/index.md index 1995b8b9..59fb02ae 100644 --- a/docs/automate/cmemc-command-line-interface/configuration/getting-credentials-from-external-processes/index.md +++ b/docs/automate/cmemc-command-line-interface/configuration/getting-credentials-from-external-processes/index.md @@ -6,6 +6,7 @@ tags: - Security - cmemc --- + # Getting Credentials from External Processes ## Introduction @@ -60,6 +61,7 @@ In order to get credential information from an external process you need to use - `OAUTH_PASSWORD_PROCESS`, to set up the process to get the user password when using the `password` grant type. - `OAUTH_CLIENT_SECRET_PROCESS`, to set up the process to get the client secret when using `client_credentials` grant type . - `OAUTH_ACCESS_TOKEN_PROCESS`, to set up the process to get the direct access token (`prefetched_token`). +- `CMEMC_CUSTOM_HEADER_*_PROCESS` to set up the process to get custom http headers if needed (the `*` needs to be replaced with the correct header name using all uppercase and `_` instead of `-`, e.g. `CMEMC_CUSTOM_HEADER_CF_ACCESS_TOKEN_PROCESS` for the `cf-access-token` header variable) The credential executable can use the other cmemc environment keys of the configuration block for fetching the credentials (e.g. `CMEM_BASE_URI` and `OAUTH_USER`). @@ -87,6 +89,8 @@ OAUTH_CLIENT_ID=cmem-service-account OAUTH_CLIENT_SECRET_PROCESS=["getpass.sh", "parameter1", "parameter2"] ``` +Note: You need to define a named connection for this to take effect. Using the `[DEFAULT]` section fallback will not execute the process. + ### Example: MacOS Keychain Here is a working example with the MacOS Keychain, which can be queried with the command line tool `security`. diff --git a/docs/release-notes/corporate-memory-26-1/index.md b/docs/release-notes/corporate-memory-26-1/index.md index afcca2a3..bf2f39c0 100644 --- a/docs/release-notes/corporate-memory-26-1/index.md +++ b/docs/release-notes/corporate-memory-26-1/index.md @@ -34,7 +34,7 @@ This release delivers the following component versions: - eccenca DataIntegration v26.1.0 - eccenca Explore v26.1.1 -- eccenca Corporate Memory Control (cmemc) v26.1.1 +- eccenca Corporate Memory Control (cmemc) v26.1.2 - eccenca Graph Insights v19.2.0 We tested this release with the following dependency components: @@ -221,10 +221,17 @@ We are pleased to announce the release of Explore v26.1, which introduces badges - SPARQL Excel downloads now have clean file names. - Notifications are now more robust when given non-string input. -## eccenca Corporate Memory Control (cmemc) v26.1.0 +## eccenca Corporate Memory Control (cmemc) v26.1.2 We are excited to announce the release of cmemc v26.1, which expands access-condition administration, adds richer project and query catalog operations, and improves list and output consistency across the CLI. +**v26.1.2 of cmemc ships the following features:** + +- Support for arbitrary custom HTTP request headers via `CMEMC_CUSTOM_HEADER_*` environment variables and config keys + - Header name is derived from the suffix by replacing underscores with hyphens (e.g. `CMEMC_CUSTOM_HEADER_CF_ACCESS_CLIENT_ID` → `CF-ACCESS-CLIENT-ID`) + - Protected headers (`Authorization`, `User-Agent`) cannot be overridden and raise a configuration error + - Custom headers are cleared when switching connections + **v26.1.1 of cmemc ships the following fixes:** - `workflow status` command