z-york commented on a change in pull request #142: [LIVY-552][WIP] Add
JWTFilter to validate incoming JWT tokens
URL: https://github.com/apache/incubator-livy/pull/142#discussion_r252408592
##########
File path: server/src/main/scala/org/apache/livy/LivyConf.scala
##########
@@ -168,6 +168,10 @@ object LivyConf {
val THRIFT_DELEGATION_TOKEN_RENEW_INTERVAL =
Entry("livy.server.thrift.delegation.token.renew-interval", "1d")
+ val JWT_FILTER_ENABLED = Entry("livy.jwt.filter.enabled", false)
+ val JWT_HEADER_NAME = Entry("livy.jwt.header.name", "Authentication")
+ val JWT_SIGNATURE_PUBLIC_KEY_PATH = Entry("livy.jwt.public-key.path", null)
Review comment:
Do you mean allowing users to specify a list of public keys to workaround
having to restart livy when a particular key is rotated? I think it's an
interesting idea, but would require other changes to work (currently the key is
read in once from the path and not refreshed, this would require some refresh
mechanism). Anyways, I think this can be a separate feature request/JIRA after
this one gets in.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
