Description
Knox can be used as an external authorizer for Istio . In this model Istio forwards the request to the external authorizer and depending on the results the request then either errors out with 401 or 403 OR proceeds to it's intended destination after successful authentication and authorization by Knox.
Here the request is getting forwarded and Knox acts as a "filter". This means the "pre" endpoint should support all the HTTP verbs and it should have the ability to ignore additional paths that may be appended by Istio.
This JIRA is to address these issues by creating a new service "extauthz" that addresses these issues without changing existing "pre" service to prevent breakage.
Attachments
Issue Links
- relates to
-
KNOX-3035 Group header value should be based on data size and not number
-
- Open
-
- links to
