[
https://issues.apache.org/jira/browse/KNOX-1550?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16684241#comment-16684241
]
Kevin Risden commented on KNOX-1550:
------------------------------------
Was able to test this by doing the following:
* gateway-site.xml added:
**
{code:java}
<property>
<name>gateway.client.auth.wanted</name>
<value>true</value>
</property>{code}
* curl -Lki --key client_key.pem --cert client_public.pem
’[https://localhost:8443/gateway/test/webhdfs/v1/']
* Ended up with the following in gateway-audit.log
**
{noformat}
18/11/12 13:49:50
||c82a22ab-4c2a-4c3b-b9ba-b92dbf0a85ae|audit|0:0:0:0:0:0:0:1|WEBHDFS|CN=admin,
OU=Unknown, O=Unknown, L=Unknown, ST=Unknown,
C=Unknown|||access|uri|/gateway/test/webhdfs/v1/|failure|{noformat}
** The failure is from not having webhdfs behind it. The audit works correctly
though
> TLS/SSL clientAuth provider
> ---------------------------
>
> Key: KNOX-1550
> URL: https://issues.apache.org/jira/browse/KNOX-1550
> Project: Apache Knox
> Issue Type: New Feature
> Reporter: Kevin Risden
> Assignee: Kevin Risden
> Priority: Major
> Fix For: 1.3.0
>
> Attachments: KNOX-1550.patch, KNOX-1550.patch, KNOX-1550.patch
>
>
> The ability to identify a user based on the CN of a clientAuth certificate
> could be useful.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
