Sandeep More created KNOX-1641:
----------------------------------
Summary: Separate <policy> and <dispatch> elements in service.xml
controlled by a secure flag
Key: KNOX-1641
URL: https://issues.apache.org/jira/browse/KNOX-1641
Project: Apache Knox
Issue Type: New Feature
Components: Server
Affects Versions: 1.3.0
Reporter: Sandeep More
Fix For: 1.3.0
This is result of a discussion on KNOX-1628. For secure clusters, in case of
services like Ranger and Atlas new service definitions are needed just for
trusted proxy support, this is problematic and prone to issues.
[~lmccay] suggested having separate <policy> and <dispatch> elements in
service.xml controlled by a *secure* flag (i.e secure= true|false) such that
when Knox detects that the cluster is secure, secure policies and dispatches
are picked up, else non-secure policies are picked up. This is similar to OR
operator in rewrite.xml rules.
*superceded-by* is another flag that can be implemented that will allow us to
redirect explicit use of one version to another specific version or "latest".
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
