Uploaded image for project: 'Apache Knox'
  1. Apache Knox
  2. KNOX-1641

Separate <policy> and <dispatch> elements in service.xml controlled by a secure flag

    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Resolved
    • Major
    • Resolution: Won't Do
    • 1.3.0
    • 1.6.0
    • Server
    • None

    Description

      This is result of a discussion on KNOX-1628. For secure clusters, in case of services like Ranger and Atlas new service definitions are needed just for trusted proxy support, this is problematic and prone to issues.

      lmccay suggested having separate <policy> and <dispatch> elements in service.xml controlled by a secure flag (i.e secure= true|false) such that when Knox detects that the cluster is secure, secure policies and dispatches are picked up, else non-secure policies are picked up. This is similar to OR operator in rewrite.xml rules.

      superceded-by is another flag that can be implemented that will allow us to redirect explicit use of one version to another specific version or "latest".

       

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              smore Sandeep More
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: