Uploaded image for project: 'Apache Knox'
  1. Apache Knox
  2. KNOX-938

JWTProvider to accept Query Param as well as Bearer Token

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 0.13.0
    • Server

    Description

      By extending the ability to acquire a JWT token provided via query param as well as a bearer token, the JWTProvider will open up an opportunity for clients that are unable to set a HTTP header for the request.

      These client scenarios will need to be carefully considered and this feature carefully documented to make sure that replay attacks aren't a problem by making the token available to adversaries or persisted in the clear.

      Attachments

        Activity

          People

            lmccay Larry McCay
            lmccay Larry McCay
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: