[KNOX-1850] KnoxSession should honor the current subject for Kerberos login - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.3.0
Fix Version/s: 1.3.0
Component/s: KnoxShell
Labels:
None

Description

Currently, for Kerberos logins, KnoxSession requires some kind of JAAS config. It should also honor the current Subject, supporting doAs() invocations from already-authenticated subjects.

I'm proposing that the current Subject be used if it exists, and fall back to a JAAS configuration otherwise.

Attachments

Activity

People

Assignee:: Philip Zampino

Reporter:: Philip Zampino

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 09/Apr/19 02:02

Updated:: 21/Oct/19 14:23

Resolved:: 09/Apr/19 20:37