You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@knox.apache.org by Latha Appanna <la...@gmail.com> on 2017/09/01 04:36:31 UTC

Re: How to add a http header in all the responses from knox

Thanks Larry, I have opened https://issues.apache.org/jira/browse/KNOX-1017
for this. will update once I'm ready with the patch.

On Tue, Aug 29, 2017 at 5:36 PM, larry mccay <lm...@apache.org> wrote:

> Hi Latha -
>
> I see.
> This is a good candidate to add to the WebAppSec Provider:
> https://github.com/apache/knox/tree/master/gateway-provider-security-
> webappsec/src/main/java/org/apache/hadoop/gateway/webappsec
>
> This will allow you to set it for all the services in a topology.
>
> You can use the others in the filter subpackage as an example and you will
> need to extend the deployment contributor to take the configuration to
> enable that particular filter in the generated webapp. See the
> WebAppSecContributor in the deploy subpackage. Add similar config support
> and your new filter.
>
> File a JIRA for it and set the Fix version to 0.14.0 for now and
> contribute the patch.
>
> HTH,
>
> --larry
>
> On Tue, Aug 29, 2017 at 7:05 AM, Latha Appanna <la...@gmail.com>
> wrote:
>
>>  Hi Larry,
>>
>> We want to add this header for all services, but if its possible to do
>> for a specific service now, please let me know on how we can add it to this
>> using a rewrite function?
>>
>> Thanks,
>> Latha
>>
>> On Tue, Aug 29, 2017 at 10:20 AM, Latha Appanna <la...@gmail.com>
>> wrote:
>>
>>> Hi Larry,
>>>
>>>
>>> We want to have "Strict-Transport-Security" header in knox reponses for
>>> all the services being proxied by KNOX for security purpose. Thanks
>>>
>>> On Mon, Aug 28, 2017 at 5:43 PM, larry mccay <lm...@apache.org> wrote:
>>>
>>>> Hi Latha -
>>>>
>>>> I don't believe there is any way to do this currently.
>>>> I'd be interested in the usecase where the client is looking for a
>>>> header that isn't being returned by the actual service being proxied.
>>>>
>>>> If it is for a specific service that you need to do this for then we
>>>> could potentially look into a rewrite function to add a header.
>>>> Then you would add it to the service definition.
>>>>
>>>> If it is for all services being proxied by Knox then we would need to
>>>> look for a central configuration and injection point.
>>>> Maybe we could add something in the DefaultDispatch we could
>>>> interrogate the GatewayConfig and decide what headers to add.
>>>>
>>>> thanks,
>>>>
>>>> --larry
>>>>
>>>> On Mon, Aug 28, 2017 at 5:36 AM, Latha Appanna <la...@gmail.com>
>>>> wrote:
>>>>
>>>>> I did not find any documentation on how to add a http header in all
>>>>> responses from knox, please let me know on how to do it. Thanks
>>>>>
>>>>
>>>>
>>>
>>
>