Matei C. created KNOX-2146:
------------------------------
Summary: Knox JWT token signature verification using public key
Key: KNOX-2146
URL: https://issues.apache.org/jira/browse/KNOX-2146
Project: Apache Knox
Issue Type: New Feature
Components: KnoxSSO
Affects Versions: 1.0.0
Environment: Ubuntu 18.04, HDP 3.1
Reporter: Matei C.
Hello,
I have configured an Apache Knox (1.0.0) topology to accept 3rd party JWTs by
following this [Cloudera
guide|https://community.cloudera.com/t5/Community-Articles/Knox-Accept-third-party-JWT/ta-p/248488].
I would also like to verify the 3rd party JWTs based on their signature by
adding my IdP's public key in PEM format for the JWT provider, but in the
guide it is specified that only PEM certificates are accepted. (' [...] *In
current Knox version, public key is not supported, have to configure public
certificate [...]*')
Can you please tell me if there is any solution to use public keys for JWT
verification in Knox 1.0.0? If not, are there any plans to support this in
future Knox releases?
P.S.:
When adding the 'knox.token.verification.pem' parameter with the public key in
the JWT provider of my topology I noticed the following error in my gateway.log:
{code:java}
javax.servlet.ServletException: javax.servlet.ServletException:
CertificateException - PEM may be corrupt
{code}
Regards,
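A diagnostic sketch for the error reported above, added here and not part of the original report or of Knox's own code: it tells whether a PEM value holds an X.509 certificate or a bare public key by looking at the top-level DER structure, which is the distinction the quoted guide draws. The function names and the sample values are constructed for this example.

```python
import base64
import re

def tlv(tag, content):  # DER encoder, used only to build the constructed samples
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(raw)]) + raw + content

def read_tlv(buf, pos):
    """Decode the DER element at pos; return (tag, content, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER")
    tag, n = buf[pos], buf[pos + 1]
    pos += 2
    if n >= 0x80:  # long form: low 7 bits give the number of length bytes
        k = n & 0x7F
        if k == 0 or pos + k > len(buf):
            raise ValueError("bad DER length")
        n = int.from_bytes(buf[pos:pos + k], "big")
        pos += k
    if pos + n > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + n], pos + n

def classify_pem(text):
    """Classify a PEM value (with or without BEGIN/END lines) by its DER shape."""
    body = re.sub(r"-----[A-Z0-9 ]+-----|\s+", "", text)
    try:
        der = base64.b64decode(body, validate=True)  # binascii.Error is a ValueError
        tag, outer, end = read_tlv(der, 0)
        if tag != 0x30 or end != len(der):
            return "not-der"
        tags, pos = [], 0
        while pos < len(outer):
            t, _, pos = read_tlv(outer, pos)
            tags.append(t)
    except ValueError:
        return "not-der"
    # Certificate: SEQUENCE {tbs, sigAlg, BIT STRING}; SubjectPublicKeyInfo: SEQUENCE {alg, BIT STRING}
    return {(0x30, 0x30, 0x03): "x509-certificate",
            (0x30, 0x03): "public-key"}.get(tuple(tags), "unknown")

# Constructed samples: correctly shaped DER with filler bytes, not real keys or certificates.
ALG = tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d010101")) + tlv(0x05, b""))
SPKI = tlv(0x30, ALG + tlv(0x03, b"\x00" + b"\x01" * 140))
CERT = tlv(0x30, tlv(0x30, tlv(0x02, b"\x01")) + ALG + tlv(0x03, b"\x00" + b"\x02" * 140))
SPKI_PEM = "-----BEGIN PUBLIC KEY-----\n%s\n-----END PUBLIC KEY-----" % base64.b64encode(SPKI).decode()
CERT_BODY = base64.b64encode(CERT).decode()
```

A value that classifies as `public-key` is a well-formed key rather than a corrupt file, so a certificate parser rejecting it is expected behaviour and not a sign of a damaged PEM.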