[
https://issues.apache.org/jira/browse/KNOX-1136?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16291608#comment-16291608
]
ASF subversion and git services commented on KNOX-1136:
-------------------------------------------------------
Commit 6eacf68adf2dfa3f6769ed29d79025d57e681d27 in knox's branch
refs/heads/KNOX-998-Package_Restructuring from [~lmccay]
[ https://git-wip-us.apache.org/repos/asf?p=knox.git;h=6eacf68 ]
KNOX-1136 - Provision Consistent Credentials For Generated Topologies (phil
zampino via lmccay)
> Provision Consistent Credentials For Generated Topologies
> ---------------------------------------------------------
>
> Key: KNOX-1136
> URL: https://issues.apache.org/jira/browse/KNOX-1136
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 0.14.0
> Reporter: Phil Zampino
> Assignee: Phil Zampino
> Fix For: 0.14.0
>
> Attachments: KNOX-1136.patch
>
>
> For Knox HA scenarios, the password used to encrypt/decrypt query params MUST
> be the same across all of the participating Knox instances. Today, synching
> these passwords is a manual activity.
> With Knox now discovering descriptors from remote registries, requiring an
> admin to manually configure the credential store for each participating Knox
> instance prior to deploying the descriptor to the remote registry limits the
> usefulness of this new feature and introduces potential for frequent failed
> deployments.
> Knox can pre-provision a password for a topology prior to the generation of
> that topology, based on the master secret, in a manner which will be
> consistent across all the participating Knox instances.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
