Larry McCay created KNOX-3096:
---------------------------------
Summary: Remote Authentication Provider for Levaraging other Knox
Instances
Key: KNOX-3096
URL: https://issues.apache.org/jira/browse/KNOX-3096
Project: Apache Knox
Issue Type: Improvement
Components: Server
Reporter: Larry McCay
There are various possibilities for leveraging the authentication capabilities
across Knox instances. One compelling reason is for containerized Knox
instances within k8s that would like to accept CLIENT_ID and CLIENT_SECRET or
Passcode tokens but do not have a local database provisioned. These Knox
instances can accept the tokens by delegating the authentication to a remote
instance configured with the appropriate database or other details that may not
be available to all other instances.
It should allow for the configuration of all relevant possible items such as:
1. remote authentication server url (likely to the KNOX-AUTH-SERVICE API)
2. truststore location
3. truststore password/alias
4. headers to include in the call to the remote server from the request being
processed
5. expected headers from the response to include the user and groups
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
