smolnar82 opened a new pull request, #1080: URL: https://github.com/apache/knox/pull/1080
## What changes were proposed in this pull request? Added a new topology-level configuration that can be added in the `KNOXTOKEN` service called `knox.token.limit.per.user`. If this is set to a valid integer number, the gateway-level config (`gateway.knox.token.limit.per.user`) is ignored and the topology-level value is used as token limit per user. If it's absent or set to an invalid number, the `KNOXTOKEN` service falls back to the gateway-level config (which defaults to `10`). ## How was this patch tested? Updated and ran unit tests (covering the configuration of both the gateway and topology level settings). Other than this, I concluded the following manual testing after I redeployed Knox locally with my changes: - set `gateway.knox.token.limit.per.user` to `3` in `gateway-site.xml` and confirmed I could only generate 3 tokens - set `knox.token.limit.per.user` to `2` in the `homepage` topology (did not touch the gateway-level config I added previously) and confirmed that I could only generate 2 tokens - set `knox.token.limit.per.user` to `invalidNumber` and confirmed that I could only generate 3 tokens (gateway-level config) and saw the relevant log message in `gateway.log`: ``` 2025-09-03 17:27:52,253 e36f34f0-53d3-43ed-b821-f4521b36e49b ERROR service.knoxtoken (TokenResource.java:init(309)) - The specified value for the knox.token.limit.per.user configuration property is not valid for the "homepage" topology: invalidNumber 2025-09-03 17:27:52,253 e36f34f0-53d3-43ed-b821-f4521b36e49b INFO service.knoxtoken (TokenResource.java:init(310)) - Using the gateway-level token limit per user configuration. ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
