[ https://issues.apache.org/jira/browse/KNOX-938?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16009413#comment-16009413 ]
Larry McCay commented on KNOX-938: ---------------------------------- "knox.token.query.param.name" provider param can be used to set the query param name for the token - otherwise the default is "knoxtoken". > JWTProvider to accept Query Param as well as Bearer Token > --------------------------------------------------------- > > Key: KNOX-938 > URL: https://issues.apache.org/jira/browse/KNOX-938 > Project: Apache Knox > Issue Type: Bug > Components: Server > Reporter: Larry McCay > Assignee: Larry McCay > Labels: KIP-7 > Fix For: 0.13.0 > > > By extending the ability to acquire a JWT token provided via query param as > well as a bearer token, the JWTProvider will open up an opportunity for > clients that are unable to set a HTTP header for the request. > These client scenarios will need to be carefully considered and this feature > carefully documented to make sure that replay attacks aren't a problem by > making the token available to adversaries or persisted in the clear. -- This message was sent by Atlassian JIRA (v6.3.15#6346)