You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "Attila Magyar (Jira)" <ji...@apache.org> on 2023/11/07 12:35:00 UTC

[jira] [Created] (KNOX-2982) Having one disabled one enabled identity-assertion provider in knoxsso doesn't work

Attila Magyar created KNOX-2982:
-----------------------------------

             Summary: Having one disabled one enabled identity-assertion provider in knoxsso doesn't work
                 Key: KNOX-2982
                 URL: https://issues.apache.org/jira/browse/KNOX-2982
             Project: Apache Knox
          Issue Type: Improvement
            Reporter: Attila Magyar
            Assignee: Attila Magyar


If one has two identity-assertion providers, e.g.: HadoopGroupProvider and Regexp, where the HadoopGroupProvider is disabled, then the Regex provider doesn't work.

The workaround is to delete the HadoopGroupProvider altogether (instead of just disabling it).

This is a bug in JerseyServiceDeploymentContributorBase>contributeService. The addIdentityAssertionFilter is called with null provider names.

The same thing applies to addAuthenticationFilter, addAuthorizationFilter too. 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)