You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Phil Zampino (JIRA)" <ji...@apache.org> on 2017/12/01 15:44:00 UTC
[jira] [Assigned] (KNOX-1136) Provision Consistent Credentials For
Generated Topologies
[ https://issues.apache.org/jira/browse/KNOX-1136?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Phil Zampino reassigned KNOX-1136:
----------------------------------
Assignee: Phil Zampino
> Provision Consistent Credentials For Generated Topologies
> ---------------------------------------------------------
>
> Key: KNOX-1136
> URL: https://issues.apache.org/jira/browse/KNOX-1136
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 0.14.0
> Reporter: Phil Zampino
> Assignee: Phil Zampino
> Fix For: 0.14.0
>
>
> For Knox HA scenarios, the password used to encrypt/decrypt query params MUST be the same across all of the participating Knox instances. Today, synching these passwords is a manual activity.
> With Knox now discovering descriptors from remote registries, requiring an admin to manually configure the credential store for each participating Knox instance prior to deploying the descriptor to the remote registry limits the usefulness of this new feature and introduces potential for frequent failed deployments.
> Knox can pre-provision a password for a topology prior to the generation of that topology, based on the master secret, in a manner which will be consistent across all the participating Knox instances.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)