You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Larry McCay (Jira)" <ji...@apache.org> on 2020/11/11 17:46:00 UTC
[jira] [Updated] (KNOX-1641) Separate and
elements in service.xml controlled by a secure flag
[ https://issues.apache.org/jira/browse/KNOX-1641?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Larry McCay updated KNOX-1641:
------------------------------
Fix Version/s: (was: 1.5.0)
1.6.0
> Separate <policy> and <dispatch> elements in service.xml controlled by a secure flag
> ------------------------------------------------------------------------------------
>
> Key: KNOX-1641
> URL: https://issues.apache.org/jira/browse/KNOX-1641
> Project: Apache Knox
> Issue Type: New Feature
> Components: Server
> Affects Versions: 1.3.0
> Reporter: Sandeep More
> Priority: Major
> Fix For: 1.6.0
>
>
> This is result of a discussion on KNOX-1628. For secure clusters, in case of services like Ranger and Atlas new service definitions are needed just for trusted proxy support, this is problematic and prone to issues.
> [~lmccay] suggested having separate <policy> and <dispatch> elements in service.xml controlled by a *secure* flag (i.e secure= true|false) such that when Knox detects that the cluster is secure, secure policies and dispatches are picked up, else non-secure policies are picked up. This is similar to OR operator in rewrite.xml rules.
> *superceded-by* is another flag that can be implemented that will allow us to redirect explicit use of one version to another specific version or "latest".
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)