[jira] [Commented] (KNOX-1155) Knox Gateway Service for ElasticSearch

Wed, 09 May 2018 12:19:29 -0700 

    [ 
https://issues.apache.org/jira/browse/KNOX-1155?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16469340#comment-16469340
 ] 

Larry McCay commented on KNOX-1155:
-----------------------------------

Hi [~dequanchen] - it seems that you are saying that there are times when you 
would want to use the shiro provider when using the "no_ldap knox topology". If 
that is the case then you do not want to force the use of the Anonymous 
provider in the service definition itself. This makes it ALWAYS the anonymous 
provider as it overrides what is in the topology. If that isn't what you want 
then you should remove that whole section with the policy definitions in there. 
This will allow you to use any number of authentication/federation mechanisms 
available in Knox or custom ones that you provide.

An docs would certainly be welcome by the community!

I can imagine User Guide docs for simply adding it to a topology but also a 
larger wiki article for full usecase description and instructions.

> Knox Gateway Service for ElasticSearch
> --------------------------------------
>
>                 Key: KNOX-1155
>                 URL: https://issues.apache.org/jira/browse/KNOX-1155
>             Project: Apache Knox
>          Issue Type: New Feature
>          Components: Build, Release
>    Affects Versions: 0.9.0, 0.9.1, 0.10.0, 0.11.0
>         Environment: Knox Gateway Servers
>            Reporter: Dequan Chen
>            Assignee: Dequan Chen
>            Priority: Critical
>              Labels: patch
>             Fix For: 1.1.0
>
>         Attachments: KNOX-1155-001.patch, rewrite.xml, service.xml
>
>   Original Estimate: 1h
>  Remaining Estimate: 1h
>
> We have used a lot of Knox Gateway Services and ElasticSearch service on our 
> Big Data platforms. However there are no Knox Gateway Service for 
> ElasticSearch yet.  In our situation, we need such a Knox Gateway Service for 
> ElasticSearch without Knox to do the …
> authentication but ElasticSearch Rest Server(s) to do the authentication. As 
> per our use case, we have developed such a Knox Gateway ElasticSearch Service 
> (services/elasticsearch/1.0.0), and we are in a mode to share the code to the 
> Apache Knox community because it has been fully tested for the following 
> scenarios:
> (1)   No-LDAP, Local-LDAP or company-specific-LDAP authentication in the Knox 
> gateway;
> (2)   Any Elasitcsearch Index - creation, deletion, refresshing and data - 
> writing, updating and retrieval;
> (3)   Elasticsearch node root query.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to