[
https://issues.apache.org/jira/browse/KNOX-2726?focusedWorklogId=772971&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-772971
]
ASF GitHub Bot logged work on KNOX-2726:
----------------------------------------
Author: ASF GitHub Bot
Created on: 20/May/22 18:35
Start Date: 20/May/22 18:35
Worklog Time Spent: 10m
Work Description: moresandeep commented on code in PR #579:
URL: https://github.com/apache/knox/pull/579#discussion_r878446759
##########
gateway-provider-identity-assertion-common/pom.xml:
##########
@@ -85,8 +85,23 @@
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-util</artifactId>
</dependency>
+ <dependency>
+ <groupId>org.jboss.shrinkwrap.descriptors</groupId>
Review Comment:
Has to be compile time
```
[INFO] 1 error
[INFO] -------------------------------------------------------------
[INFO]
------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO]
------------------------------------------------------------------------
[INFO] Total time: 20.275 s
[INFO] Finished at: 2022-05-20T14:30:24-04:00
[INFO]
------------------------------------------------------------------------
[WARNING] The requested profile "install" could not be activated because it
does not exist.
[ERROR] Failed to execute goal
org.apache.maven.plugins:maven-compiler-plugin:3.8.1:compile (default-compile)
on project gateway-provider-identity-assertion-common: Compilation failure
[ERROR]
/knox/gateway-provider-identity-assertion-common/src/main/java/org/apache/knox/gateway/identityasserter/common/filter/AbstractIdentityAsserterDeploymentContributor.java:[89,32]
cannot access org.jboss.shrinkwrap.descriptor.api.webapp30.WebAppDescriptor
[ERROR] class file for
org.jboss.shrinkwrap.descriptor.api.webapp30.WebAppDescriptor not found
```
Issue Time Tracking
-------------------
Worklog Id: (was: 772971)
Time Spent: 1h 40m (was: 1.5h)
> Impersonation Params Declared by Service Definitions
> ----------------------------------------------------
>
> Key: KNOX-2726
> URL: https://issues.apache.org/jira/browse/KNOX-2726
> Project: Apache Knox
> Issue Type: Improvement
> Components: Server
> Affects Versions: 1.6.0
> Reporter: Philip Zampino
> Assignee: Sandeep More
> Priority: Major
> Time Spent: 1h 40m
> Remaining Estimate: 0h
>
> _org.apache.knox.gateway.identityasserter.common.filter.IdentityAsserterHttpServletRequestWrapper#getImpersonationParamNames()_
> has the following comment:
> {noformat}
> // TODO: let's have service definitions register their impersonation
> // params in a future release and get this list from a central registry.
> // This will provide better coverage of protection by removing any
> // pre-populated impersonation params.{noformat}
> Currently, Knox excludes some well-known impersonation request parameters
> from proxied requests. Rather than maintaining a hard-coded list of these
> params, service definitions should be able to declare them such that they
> would be available at runtime to
> {_}org.apache.knox.gateway.identityasserter.common.filter.IdentityAsserterHttpServletRequestWrapper{_}.
> This will allow service-specific impersonation parameter details to be
> defined by the service definitions, and eliminate the need for Knox runtime
> code changes when new impersonation params need to be handled.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
