You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Sandor Molnar (Jira)" <ji...@apache.org> on 2021/06/25 06:59:00 UTC
[jira] [Created] (KNOX-2624) Introducing token management page
Sandor Molnar created KNOX-2624:
-----------------------------------
Summary: Introducing token management page
Key: KNOX-2624
URL: https://issues.apache.org/jira/browse/KNOX-2624
Project: Apache Knox
Issue Type: Improvement
Affects Versions: 1.6.0
Reporter: Sandor Molnar
Assignee: Sandor Molnar
It'd be greate to add management capabilities through a table that contains all of the tokens for the authenticated user.
The Token Management page will contain a table of all active and disabled tokens for the authenticated user like this:
|token-id|comment|created|expiration|status|actions|
| | | | | | |
Token actions may include:
# Disable/Enable based on the current status
# Revoke
Actual tokens must not be rendered in the table and are only available for copying from the generation page. Since only hashes of the tokens are stored this is a hard requirement and a security best practice. If end-users lose access to their token, they should revoke it and generate a new one.
Users may be limited to a maximum number of tokens each. This must be a configurable option and default to a reasonable default number that may be changed by an admin. This configuration must accommodate no limit as well but will not default to this.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)