[
https://issues.apache.org/jira/browse/KNOX-2146?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Matei C. updated KNOX-2146:
---------------------------
Description:
Hello,
I have configured an Apache Knox (1.0.0) topology to accept 3rd party JWTs by
following this [Cloudera
guide|[https://community.cloudera.com/t5/Community-Articles/Knox-Accept-third-party-JWT/ta-p/248488]].
I would also like to verify the 3rd party JWts based on their signature by
adding my IdP's public key in PEM format for the JWT provider, but in the
guide it is specified that only PEM certificates are accepted (' [...] *In
current Knox version, public key is not supported, have to configure public
certificate [...]*') and I have not found any relevant documentation from Knox
on this subject.
Can you please tell me if there is any solution to use public keys for JWT
verification in Knox 1.0.0 ? If not, are there any plans to support this in
future Knox releases ?
P.S.:
When adding the 'knox.token.verification.pem' parameter with the public key in
the JWT provider of my topology I notoced the following error in my gateway.log:
{code:java}
javax.servlet.ServletException: javax.servlet.ServletException:
CertificateException - PEM may be corrupt
{code}
Regards,
was:
Hello,
I have configured an Apache Knox (1.0.0) topology to accept 3rd party JWTs by
following this [Cloudera
guide|[https://community.cloudera.com/t5/Community-Articles/Knox-Accept-third-party-JWT/ta-p/248488]].
I would also like to verify the 3rd party JWts based on their signature by
adding my IdP's public key in PEM format for the JWT provider, but in the
guide it is specified that on PEM certificates are accepted. (' [...] *In
current Knox version, public key is not supported, have to configure public
certificate [...]*')
Can you please tell me if there is any solution to use public keys for JWT
verification in Knox 1.0.0 ? If not, are there any plans to support this in
future Knox releases ?
P.S.:
When adding the 'knox.token.verification.pem' parameter with the public key in
the JWT provider of my topology I notoced the following error in my gateway.log:
{code:java}
javax.servlet.ServletException: javax.servlet.ServletException:
CertificateException - PEM may be corrupt
{code}
Regards,
> Knox JWT token signature verification using public key
> ------------------------------------------------------
>
> Key: KNOX-2146
> URL: https://issues.apache.org/jira/browse/KNOX-2146
> Project: Apache Knox
> Issue Type: New Feature
> Components: KnoxSSO
> Affects Versions: 1.0.0
> Environment: Ubuntu 18.04, HDP 3.1
> Reporter: Matei C.
> Priority: Minor
>
> Hello,
> I have configured an Apache Knox (1.0.0) topology to accept 3rd party JWTs
> by following this [Cloudera
> guide|[https://community.cloudera.com/t5/Community-Articles/Knox-Accept-third-party-JWT/ta-p/248488]].
>
> I would also like to verify the 3rd party JWts based on their signature by
> adding my IdP's public key in PEM format for the JWT provider, but in the
> guide it is specified that only PEM certificates are accepted (' [...] *In
> current Knox version, public key is not supported, have to configure public
> certificate [...]*') and I have not found any relevant documentation from
> Knox on this subject.
>
> Can you please tell me if there is any solution to use public keys for JWT
> verification in Knox 1.0.0 ? If not, are there any plans to support this in
> future Knox releases ?
> P.S.:
> When adding the 'knox.token.verification.pem' parameter with the public key
> in the JWT provider of my topology I notoced the following error in my
> gateway.log:
>
> {code:java}
> javax.servlet.ServletException: javax.servlet.ServletException:
> CertificateException - PEM may be corrupt
> {code}
>
> Regards,
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
