You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2021/09/15 11:43:00 UTC

[jira] [Work logged] (KNOX-2664) Users should revoke their own tokens

     [ https://issues.apache.org/jira/browse/KNOX-2664?focusedWorklogId=651034&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-651034 ]

ASF GitHub Bot logged work on KNOX-2664:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 15/Sep/21 11:42
            Start Date: 15/Sep/21 11:42
    Worklog Time Spent: 10m 
      Work Description: smolnar82 opened a new pull request #495:
URL: https://github.com/apache/knox/pull/495


   ## What changes were proposed in this pull request?
   
   Users can revoke tokens created for them even they are not listed in `knox.token.renewer.whitelist`
   ## How was this patch tested?
   
   Added a new JUnit test case and ran manual test steps:
   
   1. installed the new version of Knox
   2. logged into the Knox Home page as `guest` (this user is not added into `knox.token.renewer.whitelist` in to `homepage` topology)
   3. generated a token on the token generation page
   4. revoked the previously generated token on the token management page successfully
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@knox.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


Issue Time Tracking
-------------------

            Worklog Id:     (was: 651034)
    Remaining Estimate: 0h
            Time Spent: 10m

> Users should revoke their own tokens
> ------------------------------------
>
>                 Key: KNOX-2664
>                 URL: https://issues.apache.org/jira/browse/KNOX-2664
>             Project: Apache Knox
>          Issue Type: Improvement
>    Affects Versions: 1.6.0
>            Reporter: Sandor Molnar
>            Assignee: Sandor Molnar
>            Priority: Critical
>             Fix For: 1.6.0
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> Currently, to revoke a token the user who initiated the request should be added into {{knox.token.renewer.whitelist}}. It's very reasonable and useful to allow a user to revoke their own token(s) w/o the need to add them to {{knox.token.renewer.whitelist}}.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)