Uploaded image for project: 'Apache Knox'
  1. Apache Knox
  2. KNOX-938

JWTProvider to accept Query Param as well as Bearer Token

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 0.13.0
    • Component/s: Server
    • Labels:

      Description

      By extending the ability to acquire a JWT token provided via query param as well as a bearer token, the JWTProvider will open up an opportunity for clients that are unable to set a HTTP header for the request.

      These client scenarios will need to be carefully considered and this feature carefully documented to make sure that replay attacks aren't a problem by making the token available to adversaries or persisted in the clear.

        Attachments

          Activity

            People

            • Assignee:
              lmccay Larry McCay
              Reporter:
              lmccay Larry McCay
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: