[ https://issues.apache.org/jira/browse/KNOX-28?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Larry McCay resolved KNOX-28. ----------------------------- Resolution: Fixed Resolving this as fixed in 0.8.0 with the addition of Pac4J provider. > Support federation/SSO using external tokens > -------------------------------------------- > > Key: KNOX-28 > URL: https://issues.apache.org/jira/browse/KNOX-28 > Project: Apache Knox > Issue Type: New Feature > Affects Versions: 0.2.0 > Reporter: Kevin Minder > Labels: security > Fix For: 0.8.0 > > > During our discussions with a customer they expressed requirements that the > gateway and ultimately Hadoop proper accept externally generated > authentication tokens. There are really two possible models here. > 1. The gateway accepts external tokens (e.g. SAML, JWT, SWT), extracts the > principal and passes that downstream via either pseudo auth mechanism or > creation of hadoop.auth tokens. > 2. The gateway is transparent and passes these external tokens through to the > downstream services where they will perform the required verification. This > model provides better security but will require changes to all downstream > Hadoop services. -- This message was sent by Atlassian JIRA (v6.4.14#64029)