[jira] [Work logged] (KNOX-3099) Add ability to exclude topologies from client auth

Tue, 25 Feb 2025 08:55:35 -0800 


     [ 
https://issues.apache.org/jira/browse/KNOX-3099?focusedWorklogId=958789&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-958789
 ]

ASF GitHub Bot logged work on KNOX-3099:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 25/Feb/25 16:54
            Start Date: 25/Feb/25 16:54
    Worklog Time Spent: 10m 
      Work Description: hanicz opened a new pull request, #995:
URL: https://github.com/apache/knox/pull/995

   ## What changes were proposed in this pull request?
   
   Currently if the user adds `gateway.client.auth.needed` as true to the 
gateway-site.xml every topology will enforce this. There is no option to 
exclude from this policy. The user can also specify gateway.client.auth.wanted 
as true however the policy is not enforced in this case.
   
   We need the ability to be able to exclude topologies in case the client auth 
is needed.
   
   Example setup:
   
   By adding the below to the gateway-site.xml we enable the client auth needed 
policy. To be able to exclude a topology from this we have to define a port 
mapping for that topology and add it to the `gateway.client.auth.exclude` as 
well.
   
       <property>
           <name>gateway.client.auth.needed</name>
           <value>true</value>
       </property>
       <property>
           <name>gateway.port.mapping.health</name>
           <value>9443</value>
       </property>
       <property>
           <name>gateway.client.auth.exclude</name>
           <value>health</value>
       </property>
   
   ## How was this patch tested?
   
   Unit tests
   Tested manually on my local setup
   




Issue Time Tracking
-------------------

            Worklog Id:     (was: 958789)
    Remaining Estimate: 0h
            Time Spent: 10m

> Add ability to exclude topologies from client auth
> --------------------------------------------------
>
>                 Key: KNOX-3099
>                 URL: https://issues.apache.org/jira/browse/KNOX-3099
>             Project: Apache Knox
>          Issue Type: Improvement
>          Components: Server
>    Affects Versions: 2.1.0
>            Reporter: Tamás Hanicz
>            Assignee: Tamás Hanicz
>            Priority: Minor
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> Currently if the user adds gateway.client.auth.needed as true to the 
> gateway-site.xml every topology will enforce this. There is no option to 
> exclude from this policy. The user can also specify 
> gateway.client.auth.wanted as true however the policy is not enforced in this 
> case.
> We need the ability to be able to exclude topologies.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to