You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by al...@apache.org on 2015/11/20 14:13:32 UTC
ambari git commit: AMBARI-13992. SSO users, when unauthenticated,
should be forwarded to the Knox login URL
Repository: ambari
Updated Branches:
refs/heads/trunk 0d93e9314 -> 45fe1f071
AMBARI-13992. SSO users, when unauthenticated, should be forwarded to the Knox login URL
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/45fe1f07
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/45fe1f07
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/45fe1f07
Branch: refs/heads/trunk
Commit: 45fe1f07108283ced28d5319234263668f0d9175
Parents: 0d93e93
Author: Alex Antonenko <hi...@gmail.com>
Authored: Fri Nov 20 14:40:53 2015 +0200
Committer: Alex Antonenko <hi...@gmail.com>
Committed: Fri Nov 20 15:13:27 2015 +0200
----------------------------------------------------------------------
ambari-web/app/messages.js | 4 +++
ambari-web/app/router.js | 80 +++++++++++++++++++++++++++++++++++++++--
2 files changed, 82 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/45fe1f07/ambari-web/app/messages.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/messages.js b/ambari-web/app/messages.js
index 2691a5d..7c7ca57 100644
--- a/ambari-web/app/messages.js
+++ b/ambari-web/app/messages.js
@@ -25,6 +25,10 @@ Em.I18n.translations = {
'app.reloadPopup.text': 'Trying to connect to server...',
'app.reloadPopup.noClusterName.text': 'Failed to retrieve cluster name, trying to reload...',
'app.reloadPopup.header': 'Reload Page',
+ 'app.redirectIssuePopup.header': 'Login Redirect Issue',
+ 'app.redirectIssuePopup.body': 'For single sign-on, make sure that Knox Gateway and Ambari Server are located on the same host or subdomain.' +
+ '<br/>Alternatively login as an Ambari local user using the local login page.<br />' +
+ '<a href="{0}" target="_blank">{0}</a>',
'app.loadingPlaceholder': 'Loading...',
'app.versionMismatchAlert.title': 'Ambari Server / Web Client Version Mismatch',
http://git-wip-us.apache.org/repos/asf/ambari/blob/45fe1f07/ambari-web/app/router.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/router.js b/ambari-web/app/router.js
index ae7ae6a..f19d621 100644
--- a/ambari-web/app/router.js
+++ b/ambari-web/app/router.js
@@ -56,9 +56,26 @@ App.Router = Em.Router.extend({
backBtnForHigherStep: false,
transitionInProgress: false,
+ /**
+ * Path for local login page. This page will be always accessible without
+ * redirect to auth server different from ambari-server. Used in some types of
+ * authorizations like knox sso.
+ *
+ * @type {string}
+ */
localUserAuthUrl: '/login/local',
/**
+ * LocalStorage property <code>redirectsCount</code> from <code>tmp</code> namespace
+ * will be incremented by each redirect action performed by UI and reset on success login.
+ * <code>redirectsLimitCount</code> determines maximum redirect tries. When redirects count overflow
+ * then something goes wrong and we have to inform user about the problem.
+ *
+ * @type {number}
+ */
+ redirectsLimitCount: 0,
+
+ /**
* Is true, if cluster.provisioning_state is equal to 'INSTALLED'
* @type {Boolean}
*/
@@ -240,6 +257,7 @@ App.Router = Em.Router.extend({
this.setAuthenticated(true);
this.setLoginName(userName);
this.setUser(App.User.find().findProperty('id', userName));
+ App.db.set('tmp', 'redirectsCount', 0);
},
/**
@@ -307,7 +325,7 @@ App.Router = Em.Router.extend({
}
},
- loginErrorCallback: function(request, ajaxOptions, error, opt) {
+ loginErrorCallback: function(request) {
var controller = this.get('loginController');
this.setAuthenticated(false);
if (request.status == 403) {
@@ -564,14 +582,71 @@ App.Router = Em.Router.extend({
}
},
+
+ /**
+ * Increment redirect count if <code>redirected</code> parameter passed.
+ */
+ handleUIRedirect: function() {
+ if (/(\?|&)redirected=/.test(location.hash)) {
+ var redirectsCount = App.db.get('tmp', 'redirectsCount') || 0;
+ App.db.set('tmp', 'redirectsCount', ++redirectsCount);
+ }
+ },
+
+ /**
+ * <code>window.location</code> setter. Will add query param which determines that we redirect user
+ * @param {string} url - url to navigate
+ */
redirectByURL: function(url) {
- window.location.href = url;
+ var suffix = "?redirected=true";
+ var redirectsCount = App.db.get('tmp', 'redirectsCount') || 0;
+ if (redirectsCount > this.get('redirectsLimitCount')) {
+ this.showRedirectIssue();
+ return;
+ }
+ // skip adding redirected parameter if added
+ if (/(\?|&)redirected=/.test(location.hash)) {
+ this.setLocationUrl(url);
+ return;
+ }
+ // detect if query params were assigned and replace "?" with "&" for suffix param
+ if (/\?\w+=/.test(location.hash)) {
+ suffix = suffix.replace('?', '&');
+ }
+ this.setLocationUrl(url + suffix);
+ },
+
+ /**
+ * Convenient method to set <code>window.location</code>.
+ * Useful for faking url manipulation in tests.
+ *
+ * @param {string} url
+ */
+ setLocationUrl: function(url) {
+ window.location = url;
},
+ /**
+ * Convenient method to get current <code>window.location</code>.
+ * Useful for faking url manipulation in tests.
+ */
getCurrentLocationUrl: function() {
return window.location.href;
},
+ /**
+ * Inform user about redirect issue in modal popup.
+ *
+ * @returns {App.ModalPopup}
+ */
+ showRedirectIssue: function() {
+ var bodyMessage = Em.I18n.t('app.redirectIssuePopup.body').format(location.origin + '/#' + this.get('localUserAuthUrl'));
+ var popupHeader = Em.I18n.t('app.redirectIssuePopup.header');
+ var popup = App.showAlertPopup(popupHeader, bodyMessage);
+ popup.set('encodeBody', false);
+ return popup;
+ },
+
root: Em.Route.extend({
index: Em.Route.extend({
route: '/',
@@ -580,6 +655,7 @@ App.Router = Em.Router.extend({
enter: function(router){
router.initAdmin();
+ router.handleUIRedirect();
},
login: Em.Route.extend({