Thanks for the reply Larry. On Tue, May 23, 2017 at 6:10 PM, larry mccay <[email protected]> wrote:
> > I think it should - if not please file a JIRA and provide a patch if you > like. > Done (https://issues.apache.org/jira/browse/KNOX-948). I did some refactoring of the two JWT filters so that they share common code, and incorporated this as part of the patch. > > So supporting 3rd parties will need to either: > * be a subset of their supported capabilities > * require a lot of testing to extend the above support > > With all of that said, I would not be opposed to making it configurable > and I would be all for verifying that we can support tokens from 3rd > parties! > OK great. I will do some work in this area and do some interop testing while I'm at it. Colm. > > Thanks, > > --larry > > > On Tue, May 23, 2017 at 12:39 PM, Colm O hEigeartaigh <[email protected] > > wrote: > >> Hi all, >> >> The JWTFederationFilter mandates that the issuer of the JWT must be >> "KNOXSSO". Two question on this: >> >> a) Why does the SSOCookieFederationFilter not impose the same requirement? >> b) IMO we should make the issuer configurable (it can default to >> "KNOXSSO"). That opens up the filter to work with third party JWT >> providers. WDYT? >> >> Colm. >> >> >> >> >> -- >> Colm O hEigeartaigh >> >> Talend Community Coder >> http://coders.talend.com >> > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
