You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "Sandor Molnar (Jira)" <ji...@apache.org> on 2022/03/04 09:22:00 UTC

[jira] [Created] (KNOX-2713) Improve user limit handling when fetching Knox Tokens

Sandor Molnar created KNOX-2713:
-----------------------------------

             Summary: Improve user limit handling when fetching Knox Tokens
                 Key: KNOX-2713
                 URL: https://issues.apache.org/jira/browse/KNOX-2713
             Project: Apache Knox
          Issue Type: Improvement
          Components: Server
    Affects Versions: 1.6.0
            Reporter: Sandor Molnar
            Assignee: Sandor Molnar
             Fix For: 2.0.0


The current user limit behavior, which returns an error in case the user is trying to generate more tokens than he/she is allowed to, should be refined.

The plan is to introduce a new service-level parameter called {{{}knox.token.limit.exceeded.action{}}}. This new configuration may have the following values:
 * {{REMOVE_OLDEST}} - if that’s configured, the oldest token of the user, who the token is being generated for, will be removed
 * {{RETURN_ERROR}} - if that’s configured, Knox will return an error response with 403 error code (as it does today)

Defaults to {{{}RETURN_ERROR{}}}.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)