[
https://issues.apache.org/jira/browse/KNOX-2556?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17309140#comment-17309140
]
ASF subversion and git services commented on KNOX-2556:
-------------------------------------------------------
Commit 2eb336426eddae345060bf0b697f6971c685c497 in knox's branch
refs/heads/master from Philip Zampino
[ https://gitbox.apache.org/repos/asf?p=knox.git;h=2eb3364 ]
KNOX-2556 - Enhance JWTProvider to accept knox.id as Passcode Token (#424)
> Enhance JWTProvider to accept knox.id as Passcode Token
> -------------------------------------------------------
>
> Key: KNOX-2556
> URL: https://issues.apache.org/jira/browse/KNOX-2556
> Project: Apache Knox
> Issue Type: Improvement
> Components: Server
> Affects Versions: 1.6.0
> Reporter: Larry McCay
> Assignee: Philip Zampino
> Priority: Major
> Time Spent: 3h 20m
> Remaining Estimate: 0h
>
> This enhancement enables the use of the previously internal knox.id as a
> Passcode Token for accessing proxied resources as an Authorization Bearer
> token or HTTP Basic password. This id has been used to bind incoming
> KnoxTokens (JWT) that embed such an id to the metadata in the Token State
> Server in order to provide server side state management.
> The motivation for this is the fact that certain 3rd party BI tooling such as
> tableau not only have the inability to set a bearer token but also have size
> limitations on the password field used to collect the username and password
> credentials.
> We will need to enhance the current JWTProvider to not require an actual JWT
> but the Passcode Token will represent the same backend metadata.
> This does mean that Passcode Tokens can only be used with the Token State
> Server functionality enabled for both the KnoxToken service and the
> JWTProvider federation provider.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
