Impressive. Thanks a lot. larry mccay <[email protected]> schrieb am Fr. 21. Okt. 2016 um 20:00:
> This would absolutely work. > > The question is how you would expect to have the authenticated identity > propagated to the custom service. > In hadoop there is a common pattern for components like Knox to be a > "trusted proxy". > This requires kerberos authentication, the use of a query param called > doas to set the username. > Config on the REST service side explicitly identifies the servers that can > act on behalf of other users. > > All you have to do to add a new API to Knox is provide a service > definition and rewrite rules for making sure that requests go back through > Knox. > See: > https://cwiki.apache.org/confluence/display/KNOX/2015/12/17/Adding+a+service+to+Apache+Knox > > > On Fri, Oct 21, 2016 at 1:44 PM, Georg Heiler <[email protected]> > wrote: > > Hi, > I am curious if knox supports authenticating custom rest apis as well. I > would like to use knox as a sort of api gateway for a predictive > api exposed by http://predictionio.incubator.apache.org/index.html > > - does this work? > - what amount of latency is added? > > Kind Regards, > Georg > > >
