You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by ol...@apache.org on 2017/11/07 22:05:59 UTC
[2/3] ambari git commit: AMBARI-22266. Log Search server does not
handle proxies properly (oleewere)
AMBARI-22266. Log Search server does not handle proxies properly (oleewere)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/289b2512
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/289b2512
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/289b2512
Branch: refs/heads/branch-2.6
Commit: 289b2512f3ec25eb019ab78613b9ce1d9c2c7ece
Parents: dadf55f
Author: Oliver Szabo <ol...@gmail.com>
Authored: Wed Oct 18 20:36:02 2017 +0200
Committer: Oliver Szabo <ol...@gmail.com>
Committed: Tue Nov 7 22:53:24 2017 +0100
----------------------------------------------------------------------
.../org/apache/ambari/logsearch/conf/AuthPropsConfig.java | 10 ++++++++++
.../org/apache/ambari/logsearch/conf/SecurityConfig.java | 10 ++++------
.../web/authenticate/LogsearchLogoutSuccessHandler.java | 3 ++-
.../web/filters/LogsearchAuthenticationEntryPoint.java | 2 +-
4 files changed, 17 insertions(+), 8 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/289b2512/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/conf/AuthPropsConfig.java
----------------------------------------------------------------------
diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/conf/AuthPropsConfig.java b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/conf/AuthPropsConfig.java
index 54cc10c..2171cf7 100644
--- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/conf/AuthPropsConfig.java
+++ b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/conf/AuthPropsConfig.java
@@ -52,6 +52,8 @@ public class AuthPropsConfig {
private String originalUrlQueryParam;
@Value("#{'${logsearch.auth.jwt.audiances:}'.split(',')}")
private List<String> audiences;
+ @Value("${logsearch.auth.redirect.forward:false}")
+ private boolean redirectForward;
public boolean isAuthFileEnabled() {
return authFileEnabled;
@@ -156,4 +158,12 @@ public class AuthPropsConfig {
public void setAudiences(List<String> audiences) {
this.audiences = audiences;
}
+
+ public boolean isRedirectForward() {
+ return redirectForward;
+ }
+
+ public void setRedirectForward(boolean redirectForward) {
+ this.redirectForward = redirectForward;
+ }
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/289b2512/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/conf/SecurityConfig.java
----------------------------------------------------------------------
diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/conf/SecurityConfig.java b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/conf/SecurityConfig.java
index 2f9cba4..4cba1aa 100644
--- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/conf/SecurityConfig.java
+++ b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/conf/SecurityConfig.java
@@ -40,7 +40,7 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
-import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.OrRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
@@ -96,14 +96,11 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
.antMatchers("/**").authenticated()
.and()
.authenticationProvider(logsearchAuthenticationProvider())
- .formLogin()
- .loginPage("/login.html")
- .and()
.httpBasic()
.authenticationEntryPoint(logsearchAuthenticationEntryPoint())
.and()
- .addFilterBefore(logsearchUsernamePasswordAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class)
- .addFilterBefore(logsearchKRBAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class)
+ .addFilterBefore(logsearchKRBAuthenticationFilter(), BasicAuthenticationFilter.class)
+ .addFilterBefore(logsearchUsernamePasswordAuthenticationFilter(), LogsearchKRBAuthenticationFilter.class)
.addFilterAfter(securityContextFormationFilter(), FilterSecurityInterceptor.class)
.addFilterAfter(logsearchUserConfigFilter(), LogsearchSecurityContextFormationFilter.class)
.addFilterAfter(logsearchAuditLogFilter(), LogsearchSecurityContextFormationFilter.class)
@@ -149,6 +146,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
public LogsearchAuthenticationEntryPoint logsearchAuthenticationEntryPoint() {
LogsearchAuthenticationEntryPoint entryPoint = new LogsearchAuthenticationEntryPoint("/login.html");
entryPoint.setForceHttps(false);
+ entryPoint.setUseForward(authPropsConfig.isRedirectForward());
return entryPoint;
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/289b2512/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/authenticate/LogsearchLogoutSuccessHandler.java
----------------------------------------------------------------------
diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/authenticate/LogsearchLogoutSuccessHandler.java b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/authenticate/LogsearchLogoutSuccessHandler.java
index c20e383..5d7fa3d 100644
--- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/authenticate/LogsearchLogoutSuccessHandler.java
+++ b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/authenticate/LogsearchLogoutSuccessHandler.java
@@ -36,6 +36,7 @@ public class LogsearchLogoutSuccessHandler extends SimpleUrlLogoutSuccessHandler
public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
throws IOException, ServletException {
logger.debug("LogsearchLogoutSuccessHandler ::: onLogoutSuccess");
- response.sendRedirect("/index.html");
+ setUseReferer(true);
+ super.onLogoutSuccess(request, response, authentication);
}
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/289b2512/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/filters/LogsearchAuthenticationEntryPoint.java
----------------------------------------------------------------------
diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/filters/LogsearchAuthenticationEntryPoint.java b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/filters/LogsearchAuthenticationEntryPoint.java
index 1831697..2fe5f7b 100644
--- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/filters/LogsearchAuthenticationEntryPoint.java
+++ b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/filters/LogsearchAuthenticationEntryPoint.java
@@ -44,7 +44,7 @@ public class LogsearchAuthenticationEntryPoint extends LoginUrlAuthenticationEnt
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Session Timeout");
} else {
logger.debug("Redirecting to login page :" + this.getLoginFormUrl());
- response.sendRedirect(this.getLoginFormUrl() + ((request.getQueryString() != null) ? "?" + request.getQueryString() : ""));
+ super.commence(request, response, authException);
}
}
}