[jira] [Commented] (KNOX-1559) Create Dispatch implementation that is configurable via service.xml file

Mon, 19 Nov 2018 15:16:14 -0800 


    [ 
https://issues.apache.org/jira/browse/KNOX-1559?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16692409#comment-16692409
 ] 

Kevin Risden commented on KNOX-1559:
------------------------------------

Not sure I follow this part "In the case of Kerberos authentication, Knox will 
want to wait for a challenge from the destination service." If I understand 
correctly, Knox will perform Kerberos authentication with the end client and 
then will perform Kerberos authentication with the backend. There is no passing 
Kerberos all the way through Knox. This operates the same as the basic 
authentication case where Knox will determine the identity of the user before 
passing to the backend. 

> Create Dispatch implementation that is configurable via service.xml file
> ------------------------------------------------------------------------
>
>                 Key: KNOX-1559
>                 URL: https://issues.apache.org/jira/browse/KNOX-1559
>             Project: Apache Knox
>          Issue Type: Improvement
>            Reporter: Robert Levas
>            Assignee: Kevin Risden
>            Priority: Major
>              Labels: ambari
>             Fix For: 1.3.0
>
>         Attachments: KNOX-1559.patch
>
>
> Create a {{org.apache.knox.gateway.dispatch.Dispatch}} implementation that is 
> configurable via metadata file (for example, {{service.xml}}).   Configurable 
> parameters should be 
> * headers to exclude when forwarding requests
> * whether parameters should URL-encoded or not
> Such an implementation should be able to make at least the following Dispatch 
> implementations obsolete:
> * org.apache.knox.gateway.dispatch.PassAllHeadersNoEncodingDispatch
> * org.apache.knox.gateway.dispatch.PassAllHeadersDispatch
> A possible declaration could be:
> {code}
>     <dispatch 
> classname="org.apache.knox.gateway.dispatch.ConfigurableDispatch">
>        <property>
>            <name>excludeHeaders<name>
>            <value>Authorization, Content-Length</value>
>        </property>
>        <property>
>            <name>removeUrlEncoding<name>
>            <value>false</value>
>        </property>
>     </dispatch>
> {code}
> Or maybe
> {code}
>     <dispatch 
> classname="org.apache.knox.gateway.dispatch.ConfigurableDispatch" 
> removeUrlEncoding="true" excludeHeaders="Authorization, Content-Length" />
> {code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to