You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Sumit Gupta (JIRA)" <ji...@apache.org> on 2016/12/20 22:06:58 UTC
[jira] [Created] (KNOX-824) WebAppSec providers don't work with
Jersey based services
Sumit Gupta created KNOX-824:
--------------------------------
Summary: WebAppSec providers don't work with Jersey based services
Key: KNOX-824
URL: https://issues.apache.org/jira/browse/KNOX-824
Project: Apache Knox
Issue Type: Bug
Reporter: Sumit Gupta
The following configuration doesn't get applied in deployment (thus doesn't affect the topology) for a Jersey based service in a topology file.
{code}
<provider>
<role>webappsec</role>
<name>WebAppSec</name>
<enabled>true</enabled>
<param><name>csrf.enabled</name><value>true</value></param>
<param><name>csrf.customHeader</name><value>X-XSRF-Header</value></param>
<param><name>csrf.methodsToIgnore</name><value>GET,OPTIONS,HEAD</value></param>
<param><name>cors.enabled</name><value>true</value></param>
<param><name>xframe-options.enabled</name><value>true</value></param>
</provider>
{code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)