You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "Kevin Risden (JIRA)" <ji...@apache.org> on 2018/12/07 15:10:00 UTC

[jira] [Commented] (KNOX-1364) Cookie scoping path should contain the topology name

    [ https://issues.apache.org/jira/browse/KNOX-1364?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16712955#comment-16712955 ] 

Kevin Risden commented on KNOX-1364:
------------------------------------

Uploaded a new patch that applies cleanly. I manually confirmed that with cookie scoping enabled and this patch the cookie has the proper path with the topology name. Running through all the tests now and will commit.

> Cookie scoping path should contain the topology name
> ----------------------------------------------------
>
>                 Key: KNOX-1364
>                 URL: https://issues.apache.org/jira/browse/KNOX-1364
>             Project: Apache Knox
>          Issue Type: Improvement
>    Affects Versions: 0.14.0
>            Reporter: Laszlo Nardai
>            Priority: Major
>              Labels: Patch, review
>             Fix For: 1.3.0
>
>         Attachments: KNOX-1364.patch, KNOX-1364.patch, Screen Shot 2018-12-07 at 9.19.39 AM.png, Screen Shot 2018-12-07 at 9.20.27 AM.png
>
>
> When using knox in PROXY only mode, cookies are set with the following domain and path.
> *[https://sandbox-hdf.hortonworks.com:5443/gateway/local-hdf/ambari#/login*]
>  I login to ambari on this URL, and I get a cookie with
>  domain: sandbox-hdf.hortonworks.com
>  path: gateway
> If I try to access another ambari instance through the same knox in the following URL:
>  *[https://sandbox-hdf.hortonworks.com:5443/gateway/local-hdf2/ambari#/login*|https://sandbox-hdf.hortonworks.com:5443/gateway/local-hdf/ambari#/login*]
>  domain: sandbox-hdf.hortonworks.com
>  path: gateway
> So basically this cookie will overwrite the previous one and will trigger a logout from the first ambari ui.
> Proposed solution:
>  include the topology name in the cookie path:
>  domain: sandbox-hdf.hortonworks.com
>  path: gateway/local-hdf



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)