[ 
https://issues.apache.org/jira/browse/KNOX-2413?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sandor Molnar updated KNOX-2413:
--------------------------------
    Description: 
There is a need for adding JWT support in the HadoopAuth security provider as 
follows: if the incoming request has a valid JWT token (as a {{bearer}} token) 
extracted from the {{Authorization}} header the request is then processed on 
behalf of the user represented by the JWT token (using the existing JWT 
federation provider). If there is no _valid_ JWT token, the {{HadoopAuth}} 
authentication filter should do its job as it does today.

The ability to implement a general composite authentication provider is 
discussed in KNOX-2411, but we agreed that such a provider would need more 
planning and maybe a KIP so that this feature should be targeted in a separate 
JIRA.

  was:
There is a need for adding JWT support in the HadoopAuth security provider s 
follows: if the incoming request has a valid JWT token (as a {{bearer}} token) 
extracted from the {{Authorization}} header the request is then processed on 
behalf of the user represented by the JWT token (using the existing JWT 
federation provider). If there is no _valid_ JWT token, the {{HadoopAuth}} 
authentication filter should do its job as it does today.

The ability to implement a general composite authentication provider is 
discussed in KNOX-2411, but we agreed that such a provider would need more 
planning and maybe a KIP so that this feature should be targeted in a separate 
JIRA.


> Add JWT support for HadoopAuth provider
> ---------------------------------------
>
>                 Key: KNOX-2413
>                 URL: https://issues.apache.org/jira/browse/KNOX-2413
>             Project: Apache Knox
>          Issue Type: New Feature
>          Components: Server
>    Affects Versions: 1.5.0
>            Reporter: Sandor Molnar
>            Assignee: Sandor Molnar
>            Priority: Major
>             Fix For: 1.5.0
>
>
> There is a need for adding JWT support in the HadoopAuth security provider as 
> follows: if the incoming request has a valid JWT token (as a {{bearer}} 
> token) extracted from the {{Authorization}} header the request is then 
> processed on behalf of the user represented by the JWT token (using the 
> existing JWT federation provider). If there is no _valid_ JWT token, the 
> {{HadoopAuth}} authentication filter should do its job as it does today.
> The ability to implement a general composite authentication provider is 
> discussed in KNOX-2411, but we agreed that such a provider would need more 
> planning and maybe a KIP so that this feature should be targeted in a 
> separate JIRA.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to