[jira] [Updated] (KNOX-2713) Improve user limit handling when fetching Knox Tokens

[Sandor Molnar (Jira)]

     [ 
https://issues.apache.org/jira/browse/KNOX-2713?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sandor Molnar updated KNOX-2713:
--------------------------------
    Description: 
The current user limit behavior, which returns an error in case the user is 
trying to generate more tokens than he/she is allowed to, should be refined.

The plan is to introduce a new service-level parameter called 
{{{}knox.token.user.limit.exceeded.action{}}}. This new configuration may have 
the following values:
 * {{REMOVE_OLDEST}} - if that’s configured, the oldest token of the user, who 
the token is being generated for, will be removed
 * {{RETURN_ERROR}} - if that’s configured, Knox will return an error response 
with 403 error code (as it does today)

Defaults to {{{}RETURN_ERROR{}}}.

  was:
The current user limit behavior, which returns an error in case the user is 
trying to generate more tokens than he/she is allowed to, should be refined.

The plan is to introduce a new service-level parameter called 
{{{}knox.token.limit.exceeded.action{}}}. This new configuration may have the 
following values:
 * {{REMOVE_OLDEST}} - if that’s configured, the oldest token of the user, who 
the token is being generated for, will be removed
 * {{RETURN_ERROR}} - if that’s configured, Knox will return an error response 
with 403 error code (as it does today)

Defaults to {{{}RETURN_ERROR{}}}.


> Improve user limit handling when fetching Knox Tokens
> -----------------------------------------------------
>
>                 Key: KNOX-2713
>                 URL: https://issues.apache.org/jira/browse/KNOX-2713
>             Project: Apache Knox
>          Issue Type: Improvement
>          Components: Server
>    Affects Versions: 1.6.0
>            Reporter: Sandor Molnar
>            Assignee: Sandor Molnar
>            Priority: Major
>             Fix For: 2.0.0
>
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> The current user limit behavior, which returns an error in case the user is 
> trying to generate more tokens than he/she is allowed to, should be refined.
> The plan is to introduce a new service-level parameter called 
> {{{}knox.token.user.limit.exceeded.action{}}}. This new configuration may 
> have the following values:
>  * {{REMOVE_OLDEST}} - if that’s configured, the oldest token of the user, 
> who the token is being generated for, will be removed
>  * {{RETURN_ERROR}} - if that’s configured, Knox will return an error 
> response with 403 error code (as it does today)
> Defaults to {{{}RETURN_ERROR{}}}.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)