You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "Sandor Molnar (Jira)" <ji...@apache.org> on 2022/08/26 16:10:00 UTC

[jira] [Resolved] (KNOX-2792) New Knox service to add custom auth headers in the response

     [ https://issues.apache.org/jira/browse/KNOX-2792?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sandor Molnar resolved KNOX-2792.
---------------------------------
    Resolution: Fixed

> New Knox service to add custom auth headers in the response
> -----------------------------------------------------------
>
>                 Key: KNOX-2792
>                 URL: https://issues.apache.org/jira/browse/KNOX-2792
>             Project: Apache Knox
>          Issue Type: Sub-task
>          Components: Server
>            Reporter: Sandor Molnar
>            Assignee: Sandor Molnar
>            Priority: Major
>             Fix For: 2.0.0
>
>          Time Spent: 1h 20m
>  Remaining Estimate: 0h
>
> A simple REST service is needed to perform centralized authentication and authorization of incoming requests. Combined with nginx's external authentication capability it allows for every request to be checked for valid authentication before being forwarded to the upstream service.
> If a valid principal is found, a header is added to the response, by default {{X-Knox-Actor-ID}}, with the principal. In addition, if the authenticated subject has groups, these are added into comma-separated headers of the default form {{X-Knox-Actor-Groups-num}}. Each group header has a character limit of 1000 to keep them reasonably sized. The header names can be customized via configuration properties.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)