Hi Latha - I see. This is a good candidate to add to the WebAppSec Provider: https://github.com/apache/knox/tree/master/gateway-provider-security-webappsec/src/main/java/org/apache/hadoop/gateway/webappsec
This will allow you to set it for all the services in a topology. You can use the others in the filter subpackage as an example and you will need to extend the deployment contributor to take the configuration to enable that particular filter in the generated webapp. See the WebAppSecContributor in the deploy subpackage. Add similar config support and your new filter. File a JIRA for it and set the Fix version to 0.14.0 for now and contribute the patch. HTH, --larry On Tue, Aug 29, 2017 at 7:05 AM, Latha Appanna <[email protected]> wrote: > Hi Larry, > > We want to add this header for all services, but if its possible to do for > a specific service now, please let me know on how we can add it to this > using a rewrite function? > > Thanks, > Latha > > On Tue, Aug 29, 2017 at 10:20 AM, Latha Appanna <[email protected]> > wrote: > >> Hi Larry, >> >> >> We want to have "Strict-Transport-Security" header in knox reponses for >> all the services being proxied by KNOX for security purpose. Thanks >> >> On Mon, Aug 28, 2017 at 5:43 PM, larry mccay <[email protected]> wrote: >> >>> Hi Latha - >>> >>> I don't believe there is any way to do this currently. >>> I'd be interested in the usecase where the client is looking for a >>> header that isn't being returned by the actual service being proxied. >>> >>> If it is for a specific service that you need to do this for then we >>> could potentially look into a rewrite function to add a header. >>> Then you would add it to the service definition. >>> >>> If it is for all services being proxied by Knox then we would need to >>> look for a central configuration and injection point. >>> Maybe we could add something in the DefaultDispatch we could interrogate >>> the GatewayConfig and decide what headers to add. >>> >>> thanks, >>> >>> --larry >>> >>> On Mon, Aug 28, 2017 at 5:36 AM, Latha Appanna <[email protected]> >>> wrote: >>> >>>> I did not find any documentation on how to add a http header in all >>>> responses from knox, please let me know on how to do it. Thanks >>>> >>> >>> >> >
