[jira] [Updated] (KNOX-2211) AliasBasedTokenStateService should not store all tokens in the gateway credential store

Tue, 10 Mar 2020 15:37:23 -0700 


     [ 
https://issues.apache.org/jira/browse/KNOX-2211?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Philip Zampino updated KNOX-2211:
---------------------------------
    Description: 
Currently, the AliasBasedTokenStateService persists all token state in the 
gateway's central credential store rather than a topology-specific credential 
store. This was done because the providers that also employ the 
TokenStateService do not know from which topology a token was produced, and 
therefore have not enough information to correctly specify a topology 
credential store.

It may be possible to include this missing topology information in the tokens 
themselves, such that the providers (or the TokenStateService) would be able to 
correctly specify the topology credential store.

  was:
Currently, the AliasBasedTokenStateService persists all token state in the 
gateway credential store. This was done because the providers that also employ 
the TokenStateService do not know from which topology a token was produced, and 
therefore have not enough information to correctly specify a topology 
credential store.

It may be possible to include this missing topology information in the tokens 
themselves, such that the providers (or the TokenStateService) would be able to 
correctly specify the topology credential store.


> AliasBasedTokenStateService should not store all tokens in the gateway 
> credential store
> ---------------------------------------------------------------------------------------
>
>                 Key: KNOX-2211
>                 URL: https://issues.apache.org/jira/browse/KNOX-2211
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: Server
>    Affects Versions: 1.4.0
>            Reporter: Philip Zampino
>            Assignee: Philip Zampino
>            Priority: Major
>
> Currently, the AliasBasedTokenStateService persists all token state in the 
> gateway's central credential store rather than a topology-specific credential 
> store. This was done because the providers that also employ the 
> TokenStateService do not know from which topology a token was produced, and 
> therefore have not enough information to correctly specify a topology 
> credential store.
> It may be possible to include this missing topology information in the tokens 
> themselves, such that the providers (or the TokenStateService) would be able 
> to correctly specify the topology credential store.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to