[
https://issues.apache.org/jira/browse/KNOX-26?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kevin Minder updated KNOX-26:
-----------------------------
Summary: Support federation/SSO using external tokens (was: Support
federation/SSO using external tokens (MS Azure))
> Support federation/SSO using external tokens
> --------------------------------------------
>
> Key: KNOX-26
> URL: https://issues.apache.org/jira/browse/KNOX-26
> Project: Apache Knox
> Issue Type: New Feature
> Components: Server
> Reporter: Kevin Minder
>
> From BUG-4305
> During our discussions with Microsoft's Azure team they expressed
> requirements that the gateway and ultimately Hadoop proper accept externally
> generated authentication tokens. There are really two possible models here.
> 1. The gateway accepts external tokens (e.g. SAML, JWT, SWT), extracts the
> principal and passes that downstream via either pseudo auth mechanism or
> creation of hadoop.auth tokens.
> 2. The gateway is transparent and passes these external tokens through to the
> downstream services where they will perform the required verification. This
> model provides better security but will require changes to all downstream
> Hadoop services.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
