[
https://issues.apache.org/jira/browse/KNOX-2624?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandor Molnar updated KNOX-2624:
--------------------------------
Status: Patch Available (was: In Progress)
> Introducing token management page
> ---------------------------------
>
> Key: KNOX-2624
> URL: https://issues.apache.org/jira/browse/KNOX-2624
> Project: Apache Knox
> Issue Type: Improvement
> Affects Versions: 1.6.0
> Reporter: Sandor Molnar
> Assignee: Sandor Molnar
> Priority: Critical
> Time Spent: 10m
> Remaining Estimate: 0h
>
> It'd be greate to add management capabilities through a table that contains
> all of the tokens for the authenticated user.
> The Token Management page will contain a table of all active and disabled
> tokens for the authenticated user like this:
> |token-id|comment|created|expiration|status|actions|
> | | | | | | |
> Token actions may include:
> # Disable/Enable based on the current status
> # Revoke
> Actual tokens must not be rendered in the table and are only available for
> copying from the generation page. Since only hashes of the tokens are stored
> this is a hard requirement and a security best practice. If end-users lose
> access to their token, they should revoke it and generate a new one.
> Users may be limited to a maximum number of tokens each. This must be a
> configurable option and default to a reasonable default number that may be
> changed by an admin. This configuration must accommodate no limit as well but
> will not default to this.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
