[
https://issues.apache.org/jira/browse/KNOX-2703?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17478120#comment-17478120
]
ASF subversion and git services commented on KNOX-2703:
-------------------------------------------------------
Commit 2426bd493feef9fd6d3f3041cfbaea7503e4c15e in knox's branch
refs/heads/master from Sandor Molnar
[ https://gitbox.apache.org/repos/asf?p=knox.git;h=2426bd4 ]
KNOX-2703 - Configuring JWT type at creation/verification time (#532)
> Make acceptable JWT types configurable
> --------------------------------------
>
> Key: KNOX-2703
> URL: https://issues.apache.org/jira/browse/KNOX-2703
> Project: Apache Knox
> Issue Type: New Feature
> Components: Server
> Affects Versions: 1.6.0, 1.6.1, 1.6.2
> Reporter: Sandor Molnar
> Assignee: Sandor Molnar
> Priority: Critical
> Fix For: 2.0.0
>
> Time Spent: 40m
> Remaining Estimate: 0h
>
> With KNOX-2149, one can define their own JWKS URL which Knox can use for
> verification.
> However, the current implementation only supports JWTs with {{"typ: JWT"}} in
> their headers (or not type definition at all). In previous JOSE versions,
> there were other supported types such as {{{}at+jwt{}}}.
> It'd be beneficial to have the list of allowed JWT types defined on the
> topology level. If not defined, Knox should use the current default
> ({{{}JWT{}}}).
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
