You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "Philip Zampino (Jira)" <ji...@apache.org> on 2020/03/10 22:37:00 UTC

[jira] [Updated] (KNOX-2211) AliasBasedTokenStateService should not store all tokens in the gateway credential store

     [ https://issues.apache.org/jira/browse/KNOX-2211?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Philip Zampino updated KNOX-2211:
---------------------------------
    Description: 
Currently, the AliasBasedTokenStateService persists all token state in the gateway's central credential store rather than a topology-specific credential store. This was done because the providers that also employ the TokenStateService do not know from which topology a token was produced, and therefore have not enough information to correctly specify a topology credential store.

It may be possible to include this missing topology information in the tokens themselves, such that the providers (or the TokenStateService) would be able to correctly specify the topology credential store.

  was:
Currently, the AliasBasedTokenStateService persists all token state in the gateway credential store. This was done because the providers that also employ the TokenStateService do not know from which topology a token was produced, and therefore have not enough information to correctly specify a topology credential store.

It may be possible to include this missing topology information in the tokens themselves, such that the providers (or the TokenStateService) would be able to correctly specify the topology credential store.


> AliasBasedTokenStateService should not store all tokens in the gateway credential store
> ---------------------------------------------------------------------------------------
>
>                 Key: KNOX-2211
>                 URL: https://issues.apache.org/jira/browse/KNOX-2211
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: Server
>    Affects Versions: 1.4.0
>            Reporter: Philip Zampino
>            Assignee: Philip Zampino
>            Priority: Major
>
> Currently, the AliasBasedTokenStateService persists all token state in the gateway's central credential store rather than a topology-specific credential store. This was done because the providers that also employ the TokenStateService do not know from which topology a token was produced, and therefore have not enough information to correctly specify a topology credential store.
> It may be possible to include this missing topology information in the tokens themselves, such that the providers (or the TokenStateService) would be able to correctly specify the topology credential store.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)