You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hbase.apache.org by "Josh Elser (Jira)" <ji...@apache.org> on 2022/01/13 22:28:00 UTC

[jira] [Created] (HBASE-26668) Define user experience for JWT renewal

Josh Elser created HBASE-26668:
----------------------------------

             Summary: Define user experience for JWT renewal
                 Key: HBASE-26668
                 URL: https://issues.apache.org/jira/browse/HBASE-26668
             Project: HBase
          Issue Type: Sub-task
            Reporter: Josh Elser
             Fix For: HBASE-26553


We need to define what our level of support will be for an HBase application which must run longer than the lifetime of a JWT token.

The JWT 2.0 RFCs mention different kinds of tokens, notably a Refresh token may be helpful [https://datatracker.ietf.org/doc/html/rfc8693]

This is inter-twined with HBASE-26667. For example, if we maintained a Refresh token in the client, we would have to build in logic (like we have for Kerberos credentials) to automatically launch a thread and know where to obtain a new JWT token from.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)