[jira] [Work logged] (KNOX-2664) Users should revoke their own tokens

Wed, 15 Sep 2021 04:43:18 -0700 


     [ 
https://issues.apache.org/jira/browse/KNOX-2664?focusedWorklogId=651034&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-651034
 ]

ASF GitHub Bot logged work on KNOX-2664:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 15/Sep/21 11:42
            Start Date: 15/Sep/21 11:42
    Worklog Time Spent: 10m 
      Work Description: smolnar82 opened a new pull request #495:
URL: https://github.com/apache/knox/pull/495


   ## What changes were proposed in this pull request?
   
   Users can revoke tokens created for them even they are not listed in 
`knox.token.renewer.whitelist`
   ## How was this patch tested?
   
   Added a new JUnit test case and ran manual test steps:
   
   1. installed the new version of Knox
   2. logged into the Knox Home page as `guest` (this user is not added into 
`knox.token.renewer.whitelist` in to `homepage` topology)
   3. generated a token on the token generation page
   4. revoked the previously generated token on the token management page 
successfully
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


Issue Time Tracking
-------------------

            Worklog Id:     (was: 651034)
    Remaining Estimate: 0h
            Time Spent: 10m

> Users should revoke their own tokens
> ------------------------------------
>
>                 Key: KNOX-2664
>                 URL: https://issues.apache.org/jira/browse/KNOX-2664
>             Project: Apache Knox
>          Issue Type: Improvement
>    Affects Versions: 1.6.0
>            Reporter: Sandor Molnar
>            Assignee: Sandor Molnar
>            Priority: Critical
>             Fix For: 1.6.0
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> Currently, to revoke a token the user who initiated the request should be 
> added into {{knox.token.renewer.whitelist}}. It's very reasonable and useful 
> to allow a user to revoke their own token(s) w/o the need to add them to 
> {{knox.token.renewer.whitelist}}.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to