You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Sandor Molnar (Jira)" <ji...@apache.org> on 2021/07/08 20:14:00 UTC
[jira] [Updated] (KNOX-2624) Introducing token management page
[ https://issues.apache.org/jira/browse/KNOX-2624?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sandor Molnar updated KNOX-2624:
--------------------------------
Status: Patch Available (was: In Progress)
> Introducing token management page
> ---------------------------------
>
> Key: KNOX-2624
> URL: https://issues.apache.org/jira/browse/KNOX-2624
> Project: Apache Knox
> Issue Type: Improvement
> Affects Versions: 1.6.0
> Reporter: Sandor Molnar
> Assignee: Sandor Molnar
> Priority: Critical
> Time Spent: 10m
> Remaining Estimate: 0h
>
> It'd be greate to add management capabilities through a table that contains all of the tokens for the authenticated user.
> The Token Management page will contain a table of all active and disabled tokens for the authenticated user like this:
> |token-id|comment|created|expiration|status|actions|
> | | | | | | |
> Token actions may include:
> # Disable/Enable based on the current status
> # Revoke
> Actual tokens must not be rendered in the table and are only available for copying from the generation page. Since only hashes of the tokens are stored this is a hard requirement and a security best practice. If end-users lose access to their token, they should revoke it and generate a new one.
> Users may be limited to a maximum number of tokens each. This must be a configurable option and default to a reasonable default number that may be changed by an admin. This configuration must accommodate no limit as well but will not default to this.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)