[jira] [Work logged] (KNOX-3052) Allow Multiple Issuers and JWTs with no Audience in same Topology as Others

[ https://issues.apache.org/jira/browse/KNOX-3052?focusedWorklogId=962647&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-962647 ] ASF GitHub Bot logged work on KNOX-3052: Author: ASF GitHub Bot

[jira] [Work logged] (KNOX-3052) Allow Multiple Issuers and JWTs with no Audience in same Topology as Others

[ https://issues.apache.org/jira/browse/KNOX-3052?focusedWorklogId=962616&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-962616 ] ASF GitHub Bot logged work on KNOX-3052: Author: ASF GitHub Bot

[jira] [Work logged] (KNOX-3052) Allow Multiple Issuers and JWTs with no Audience in same Topology as Others

[ https://issues.apache.org/jira/browse/KNOX-3052?focusedWorklogId=962615&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-962615 ] ASF GitHub Bot logged work on KNOX-3052: Author: ASF GitHub Bot

Re: [PR] KNOX-3052: Allow Multiple Issuers and JWTs with no Audience in same Topology as Others [knox]

pzampino commented on PR #1006: URL: https://github.com/apache/knox/pull/1006#issuecomment-2738426591 This is a more complete version of https://github.com/apache/knox/pull/926, addressing some test issues therewith. -- This is an automated message from the Apache Git Service. To respond

[jira] [Work logged] (KNOX-3052) Allow Multiple Issuers and JWTs with no Audience in same Topology as Others

[ https://issues.apache.org/jira/browse/KNOX-3052?focusedWorklogId=962614&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-962614 ] ASF GitHub Bot logged work on KNOX-3052: Author: ASF GitHub Bot

[PR] KNOX-3052: Allow Multiple Issuers and JWTs with no Audience in same Topology as Others [knox]

pzampino opened a new pull request, #1006: URL: https://github.com/apache/knox/pull/1006 ## What changes were proposed in this pull request? While we have a change to introduce the ability to use multiple JWKS Urls to verify a token signature, without this change any tokens would need

[PR] KNOX-3052 - Allow Multiple Issuers and with some and no Audience [knox]

lmccay opened a new pull request, #926: URL: https://github.com/apache/knox/pull/926 ## What changes were proposed in this pull request? While we have a change to introduce the ability to use multiple JWKS Urls to verify a token signature, without this change any tokens would need to

[jira] [Work logged] (KNOX-3052) Allow Multiple Issuers and JWTs with no Audience in same Topology as Others

[ https://issues.apache.org/jira/browse/KNOX-3052?focusedWorklogId=962572&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-962572 ] ASF GitHub Bot logged work on KNOX-3052: Author: ASF GitHub Bot

[DISCUSS] Missing HSTS headers for 404 response

Hey, I've just opened a JIRA on this subject as well. The issue is that the Strict-Transport-Security headers are missing for 404 responses. Currently this config is topology wide and set in the WebAppSec provider. To include this header for 404 it

Re: [DISCUSS] Missing HSTS headers for 404 response

Hi Tamás - Thank you for bringing this up! I think that configuring it at the gateway level makes sense in addition to leaving support for topology specific behavior. There may be consumers that only want this behavior for a single topology in which case they could just use the webappsec provider.

[jira] [Created] (KNOX-3111) HSTS headers are missing for 404 responses

Tamás Hanicz created KNOX-3111: -- Summary: HSTS headers are missing for 404 responses Key: KNOX-3111 URL: https://issues.apache.org/jira/browse/KNOX-3111 Project: Apache Knox Issue Type: Improvem