[
https://issues.apache.org/jira/browse/KNOX-1136?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Phil Zampino updated KNOX-1136:
-------------------------------
Attachment: KNOX-1136.patch
> Provision Consistent Credentials For Generated Topologies
> ---------------------------------------------------------
>
> Key: KNOX-1136
> URL: https://issues.apache.org/jira/browse/KNOX-1136
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 0.14.0
> Reporter: Phil Zampino
> Assignee: Phil Zampino
> Fix For: 0.14.0
>
> Attachments: KNOX-1136.patch
>
>
> For Knox HA scenarios, the password used to encrypt/decrypt query params MUST
> be the same across all of the participating Knox instances. Today, synching
> these passwords is a manual activity.
> With Knox now discovering descriptors from remote registries, requiring an
> admin to manually configure the credential store for each participating Knox
> instance prior to deploying the descriptor to the remote registry limits the
> usefulness of this new feature and introduces potential for frequent failed
> deployments.
> Knox can pre-provision a password for a topology prior to the generation of
> that topology, based on the master secret, in a manner which will be
> consistent across all the participating Knox instances.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
