hanicz opened a new pull request, #995:
URL: https://github.com/apache/knox/pull/995
## What changes were proposed in this pull request?
Currently if the user adds `gateway.client.auth.needed` as true to the
gateway-site.xml every topology will enforce this. There is no option to
exclude from this policy. The user can also specify gateway.client.auth.wanted
as true however the policy is not enforced in this case.
We need the ability to be able to exclude topologies in case the client auth
is needed.
Example setup:
By adding the below to the gateway-site.xml we enable the client auth needed
policy. To be able to exclude a topology from this we have to define a port
mapping for that topology and add it to the `gateway.client.auth.exclude` as
well.
<property>
<name>gateway.client.auth.needed</name>
<value>true</value>
</property>
<property>
<name>gateway.port.mapping.health</name>
<value>9443</value>
</property>
<property>
<name>gateway.client.auth.exclude</name>
<value>health</value>
</property>
## How was this patch tested?
Unit tests
Tested manually on my local setup
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@knox.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
