[
https://issues.apache.org/jira/browse/KNOX-2997?focusedWorklogId=897495&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-897495
]
ASF GitHub Bot logged work on KNOX-2997:
----------------------------------------
Author: ASF GitHub Bot
Created on: 29/Dec/23 17:26
Start Date: 29/Dec/23 17:26
Worklog Time Spent: 10m
Work Description: lmccay commented on code in PR #830:
URL: https://github.com/apache/knox/pull/830#discussion_r1438346599
##########
gateway-service-definitions/src/main/resources/services/kafkaui.1.0.0/service.xml:
##########
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<service role="KAFKAUI" name="kafkaui" version="1.0.0">
+ <metadata>
+ <type>UI</type>
+ <context>/kafka/</context>
+ <shortDesc>kafka Web UI</shortDesc>
+ <description></description>
+ </metadata>
+ <routes>
+ <route path="/kafka/">
+ </route>
+ <route path="/kafka/**">
+ </route>
+ <route path="/kafka/**?**">
+ </route>
+ </routes>
+ <dispatch classname="org.apache.knox.gateway.dispatch.ConfigurableDispatch"
+
ha-classname="org.apache.knox.gateway.ha.dispatch.ConfigurableHADispatch">
+ <param>
+ <name>responseExcludeHeaders</name>
+ <value>WWW-AUTHENTICATE</value>
+ </param>
Review Comment:
@upczsh - hmm - if kafka doesn't support kerberos then how is it working
with Knox? Are you not proxying the in order to get KnoxSSO support? There
really aren't really anymore services that are natively supporting KnoxSSO that
are not supporting proxy based SSO.
Before services like Ranger supported trusted proxies, they still were
proxied by Knox but implemented the authentication themselves. You can see some
evidence of this in the Ranger 0.5.0 version service.xml file. They force the
authentication provider to be Anonymous. Knox doesn't try and to authenticate
the user for services that have that and send a doas=anonymous then the service
can do the authentication - including native support for KnoxSSO.
If that is what you are looking to do then you may need to add the policies
element that Ranger has in its 0.5.0 service.xml.
Issue Time Tracking
-------------------
Worklog Id: (was: 897495)
Time Spent: 1h 20m (was: 1h 10m)
> Add kafka ui support in service definition.
> --------------------------------------------
>
> Key: KNOX-2997
> URL: https://issues.apache.org/jira/browse/KNOX-2997
> Project: Apache Knox
> Issue Type: New Feature
> Components: Release
> Reporter: zhaoshuaihua
> Priority: Major
> Attachments:
> KNOX-2997_-_Add_kafka_ui_support_in_service_definition_.patch,
> image-2023-12-28-17-11-42-566.png, image-2023-12-28-17-11-55-676.png
>
> Time Spent: 1h 20m
> Remaining Estimate: 0h
>
> Apache Kafka is a distributed streaming platform initially developed by
> LinkedIn and later open-sourced as an Apache Software Foundation project.
> Designed for handling real-time data streams, Kafka supports high throughput,
> persistent storage, and horizontal scalability.kafka has its own ui.
> We can support it in knox service definition.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
