Sandor Molnar created KNOX-2703:
-----------------------------------
Summary: Make acceptable JWT types configurable
Key: KNOX-2703
URL: https://issues.apache.org/jira/browse/KNOX-2703
Project: Apache Knox
Issue Type: New Feature
Components: Server
Affects Versions: 1.6.0, 1.6.1, 1.6.2
Reporter: Sandor Molnar
Assignee: Sandor Molnar
Fix For: 2.0.0
With KNOX-2149, one can define their own JKW URL which Knox can use for
verification.
However, the current implementation only supports JWT's with {{"typ: JWT"}} in
their headers. In previous JOSE versions, there were other supported types such
as {{{}at+jwt{}}}.
It'd be beneficial to have the list of allowed JWT types defined on the
topology level. If not defined, Knox should use to the current default
({{{}JWT{}}}).
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
