You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@atlas.apache.org by Nixon Rodrigues <ni...@freestoneinfotech.com> on 2017/05/05 14:39:53 UTC
Review Request 59023: ATLAS-1767 :- Support KNOX SSO Token based
authentication on Atlas REST API calls
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59023/
-----------------------------------------------------------
Review request for atlas, Apoorv Naik, Ayub Pathan, Madhan Neethiraj, and Sarath Subramanian.
Repository: atlas
Description
-------
This patch includes change to support knox sso authentication from all user-agent when knox cookie header are being in request header.
Diffs
-----
webapp/src/main/java/org/apache/atlas/web/filters/AtlasKnoxSSOAuthenticationFilter.java c3219b9
Diff: https://reviews.apache.org/r/59023/diff/1/
Testing
-------
Verified authentication from various scenarios.
* From Browser with Knox Authentication
* From Login Page browser
* From from Curl client with various header option
* With knox hadoop-jwt-cookie header
curl -kivL --negotiate -u : http://<host>:21000/api/atlas/session --cookie "hadoop-jwt=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsImlzcyI6IktOT1hTU08iLCJleHAiOjE0OTQyODc3MDF9.aj5E0bqTlmnn42gxBm0geogNpX6XwXaEFhDrt-0ANbQpsF2gL2Fn8Lb9hBu9x2R9WFiCv9Wc2H58mW93H_k17yQFqHnJc5OfFOnQ-oI4BYABe7Wi4HkmD3ocRHXc6coY9RbR7Tu6FYT-8ZNH99FgmU20XqXFnmTUgxQYSosjXzU"
* With Kerberos negotiate header
curl -kivL --negotiate -u : http://<host>:21000/api/atlas/admin/session
* With Basic Auth Header
curl -kivL -u admin:admin http://<host>:21000/api/atlas/session
* From Jersey Java Client ie verified Quick Start script
Thanks,
Nixon Rodrigues
Re: Review Request 59023: ATLAS-1767 :- Support KNOX SSO Token based
authentication on Atlas REST API calls
Posted by Madhan Neethiraj <ma...@apache.org>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59023/#review175052
-----------------------------------------------------------
Ship it!
Ship It!
- Madhan Neethiraj
On May 5, 2017, 2:39 p.m., Nixon Rodrigues wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59023/
> -----------------------------------------------------------
>
> (Updated May 5, 2017, 2:39 p.m.)
>
>
> Review request for atlas, Apoorv Naik, Ayub Pathan, Madhan Neethiraj, and Sarath Subramanian.
>
>
> Repository: atlas
>
>
> Description
> -------
>
> This patch includes change to support knox sso authentication from all user-agent when knox cookie header are being in request header.
>
>
> Diffs
> -----
>
> webapp/src/main/java/org/apache/atlas/web/filters/AtlasKnoxSSOAuthenticationFilter.java c3219b9
>
>
> Diff: https://reviews.apache.org/r/59023/diff/1/
>
>
> Testing
> -------
>
> Verified authentication from various scenarios.
>
> * From Browser with Knox Authentication
>
> * From Login Page browser
>
> * From from Curl client with various header option
>
> * With knox hadoop-jwt-cookie header
> curl -kivL --negotiate -u : http://<host>:21000/api/atlas/session --cookie "hadoop-jwt=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsImlzcyI6IktOT1hTU08iLCJleHAiOjE0OTQyODc3MDF9.aj5E0bqTlmnn42gxBm0geogNpX6XwXaEFhDrt-0ANbQpsF2gL2Fn8Lb9hBu9x2R9WFiCv9Wc2H58mW93H_k17yQFqHnJc5OfFOnQ-oI4BYABe7Wi4HkmD3ocRHXc6coY9RbR7Tu6FYT-8ZNH99FgmU20XqXFnmTUgxQYSosjXzU"
>
> * With Kerberos negotiate header
> curl -kivL --negotiate -u : http://<host>:21000/api/atlas/admin/session
>
> * With Basic Auth Header
> curl -kivL -u admin:admin http://<host>:21000/api/atlas/session
>
> * From Jersey Java Client ie verified Quick Start script
>
>
> Thanks,
>
> Nixon Rodrigues
>
>