You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2019/08/25 16:09:00 UTC
[jira] [Work logged] (KNOX-1934) Setting value of
knoxsso.cookie.secure.only based on ssl.enabled in gateway.site
[ https://issues.apache.org/jira/browse/KNOX-1934?focusedWorklogId=300875&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-300875 ]
ASF GitHub Bot logged work on KNOX-1934:
----------------------------------------
Author: ASF GitHub Bot
Created on: 25/Aug/19 16:08
Start Date: 25/Aug/19 16:08
Worklog Time Spent: 10m
Work Description: smolnar82 commented on pull request #134: KNOX-1934 - Setting the default value of knoxsso.cookie.secure.only based on ssl.enabled flag in gateway-site.xml
URL: https://github.com/apache/knox/pull/134
## What changes were proposed in this pull request?
In case the `knoxsso.cookie.secure.only` is not set we use the value of `ssl.enabled` flag (defaults to true). Using this approach and not setting `knoxsso.cookie.secure.only` in our OOTB `knoxsso.xml` makes it easier to access the admin UI without the need to edit the `knoxsso` topology in case SSL is disabled.
## How was this patch tested?
Adding new JUnit tests:
```
$ mvn clean -Dshellcheck=true -T1C verify -Prelease,package
...
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 17:33 min (Wall Clock)
[INFO] Finished at: 2019-08-25T17:21:54+02:00
[INFO] Final Memory: 384M/2246M
[INFO] ------------------------------------------------------------------------
```
Also tested the deliverable by changing the values in `gateway-site.xml` and `knoxsso.xml` as follows:
```
ssl.enabled=false
knoxsso.cookie.secure.only is not set
----
ssl.enabled=true
knoxsso.cookie.secure.only is not set
----
ssl.enabled=false
knoxsso.cookie.secure.only=false
----
ssl.enabled=false
knoxsso.cookie.secure.only=true
```
It's been working as expected.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Issue Time Tracking
-------------------
Worklog Id: (was: 300875)
Remaining Estimate: 0h
Time Spent: 10m
> Setting value of knoxsso.cookie.secure.only based on ssl.enabled in gateway.site
> --------------------------------------------------------------------------------
>
> Key: KNOX-1934
> URL: https://issues.apache.org/jira/browse/KNOX-1934
> Project: Apache Knox
> Issue Type: Improvement
> Components: KnoxSSO, Server
> Reporter: Abhishek Shukla
> Assignee: Sandor Molnar
> Priority: Minor
> Fix For: 1.4.0
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Currently, knoxsso.cookie.secure.only is set to true always in knoxsso topology, since Knox Gateway is always deployed in SSL enabled mode.
> But if deployment is done with ssl.disabled=true mode, then we can access the ADMIN UI only after setting the value for knoxsso.cookie.secure.only = false manually.
>
> It will be good to set the knoxsso.cookie.secure.only flag based on ssl.disabled flag present in gateway-site configs.
>
--
This message was sent by Atlassian Jira
(v8.3.2#803003)