You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Larry McCay (JIRA)" <ji...@apache.org> on 2016/04/02 16:34:25 UTC
[jira] [Updated] (KNOX-698) Deterministic default provider
selection model
[ https://issues.apache.org/jira/browse/KNOX-698?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Larry McCay updated KNOX-698:
-----------------------------
Fix Version/s: (was: 0.9.0)
Future
> Deterministic default provider selection model
> ----------------------------------------------
>
> Key: KNOX-698
> URL: https://issues.apache.org/jira/browse/KNOX-698
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 0.9.0
> Reporter: Kevin Minder
> Fix For: Future
>
>
> Currently the algorithem by which Knox selects a provider when one one is not explicitly identified either by the deployment contributor or a topology is essentially random.
> 1. This frequently leads to confusions when runtime failures occur because an unexpected identity-assertion provider is selected. You can see the results of this in that we have been forced to explicitly identify the "Default" identity-assertion provider in all of our "out of the box" topology files.
> 2. While implementing KNOX-670 this also became inconvenient. In the simplest of cases, "stock" applications may be used and no "policies" may be required. That is no <gateway> section would be required in the topology file and no special meta-data would need to be added to the application. Currently you have to explicitly specify the "Default" identity-assertion and the "Anonymous" authentication providers otherwise unexpected results occur.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)