You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "Shi Wang (JIRA)" <ji...@apache.org> on 2017/04/06 20:58:41 UTC

[jira] [Updated] (KNOX-920) Make avatica service use default policies

     [ https://issues.apache.org/jira/browse/KNOX-920?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Shi Wang updated KNOX-920:
--------------------------
    Description: 
<policies>
<policy role="webappsec"/>
<policy role="authentication"/>
<policy role="rewrite"/>
<policy role="authorization"/>
</policies>
is lacking the identity-assertion role, which will append "doAs" or "user.name" in the end. Either we can remove the policies and use the default ones, which include the identity-assertion filter, or add identity-assertion in the policy.

> Make avatica service use default policies
> -----------------------------------------
>
>                 Key: KNOX-920
>                 URL: https://issues.apache.org/jira/browse/KNOX-920
>             Project: Apache Knox
>          Issue Type: Bug
>    Affects Versions: 0.11.0
>            Reporter: Shi Wang
>            Assignee: Shi Wang
>
> <policies>
> <policy role="webappsec"/>
> <policy role="authentication"/>
> <policy role="rewrite"/>
> <policy role="authorization"/>
> </policies>
> is lacking the identity-assertion role, which will append "doAs" or "user.name" in the end. Either we can remove the policies and use the default ones, which include the identity-assertion filter, or add identity-assertion in the policy.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)