[
https://issues.apache.org/jira/browse/KNOX-1322?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Phil Zampino resolved KNOX-1322.
--------------------------------
Resolution: Fixed
The property *gateway.read.only.override.topologies* can be specified with a
list of one or more comma-delimited topology names. When a topology with one of
these names is requested from the Admin API, the result will include the
generated element with a *true* value to indicate that it should be treated as
read-only.
{noformat}
<property>
<name>gateway.read.only.override.topologies</name>
<value>knoxsso,admin,sandbox</value>
</property>{noformat}
> Support configuration property to forcibly treat topologies as read-only
> ------------------------------------------------------------------------
>
> Key: KNOX-1322
> URL: https://issues.apache.org/jira/browse/KNOX-1322
> Project: Apache Knox
> Issue Type: Bug
> Components: AdminUI, Server
> Affects Versions: 1.1.0
> Reporter: Phil Zampino
> Assignee: Phil Zampino
> Priority: Major
> Fix For: 1.1.0
>
>
> Define a property in gateway-site.xml to support the specification of a list
> of one or more topology names. These names represent well-known topologies
> which should be treated as read-only.
> The Admin API for getting a topology should reference this property, and for
> matching topologies, force the generated element value to be true.
> This has the side-effect of making these topologies read-only in the Admin UI.
> This can be used when Knox is managed by Ambari, to prevent admins from
> modifying Ambari-managed topologies (e.g., admin.xml, default.xml, etc...)
> via the Knox Admin UI. If this were permitted, then changes made using the
> Admin UI could be overwritten by Ambari at some subsequent point, which is
> probably not what an admin would expect.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
