Uploaded image for project: 'Apache Knox'
  1. Apache Knox
  2. KNOX-2211

AliasBasedTokenStateService should store token state in topology-specific credential stores

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Not A Problem
    • Affects Version/s: 1.4.0
    • Fix Version/s: None
    • Component/s: Server
    • Labels:
      None

      Description

      Currently, the AliasBasedTokenStateService persists all token state in the gateway's central credential store rather than a topology-specific credential store. This was done because the providers that also employ the TokenStateService do not know from which topology a token was produced, and therefore have not enough information to correctly specify a topology credential store.

      It may be possible to include this missing topology information in the tokens themselves, such that the providers (or the TokenStateService) would be able to correctly specify the topology credential store.

        Attachments

        Issue Links

          Activity

            People

            • Assignee:
              pzampino Philip Zampino
              Reporter:
              pzampino Philip Zampino

              Dates

              • Created:
                Updated:
                Resolved:

                Issue deployment