You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2016/12/20 22:26:58 UTC
[jira] [Commented] (KNOX-824) WebAppSec providers don't work with
Jersey based services
[ https://issues.apache.org/jira/browse/KNOX-824?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15765425#comment-15765425 ]
ASF subversion and git services commented on KNOX-824:
------------------------------------------------------
Commit 9f08a22e2d1366ff7ce4fcd27ef0399a7bc4a0ad in knox's branch refs/heads/master from [~sumit.gupta]
[ https://git-wip-us.apache.org/repos/asf?p=knox.git;h=9f08a22 ]
KNOX-824 Added WebAppSec provider capability to Jersey service deployments
> WebAppSec providers don't work with Jersey based services
> ---------------------------------------------------------
>
> Key: KNOX-824
> URL: https://issues.apache.org/jira/browse/KNOX-824
> Project: Apache Knox
> Issue Type: Bug
> Reporter: Sumit Gupta
> Assignee: Sumit Gupta
> Fix For: 0.11.0
>
>
> The following configuration doesn't get applied in deployment (thus doesn't affect the topology) for a Jersey based service in a topology file.
> {code}
> <provider>
> <role>webappsec</role>
> <name>WebAppSec</name>
> <enabled>true</enabled>
> <param><name>csrf.enabled</name><value>true</value></param>
> <param><name>csrf.customHeader</name><value>X-XSRF-Header</value></param>
> <param><name>csrf.methodsToIgnore</name><value>GET,OPTIONS,HEAD</value></param>
> <param><name>cors.enabled</name><value>true</value></param>
> <param><name>xframe-options.enabled</name><value>true</value></param>
> </provider>
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)