You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Attila Magyar (Jira)" <ji...@apache.org> on 2023/11/07 12:35:00 UTC
[jira] [Created] (KNOX-2982) Having one disabled one enabled identity-assertion provider in knoxsso doesn't work
Attila Magyar created KNOX-2982:
-----------------------------------
Summary: Having one disabled one enabled identity-assertion provider in knoxsso doesn't work
Key: KNOX-2982
URL: https://issues.apache.org/jira/browse/KNOX-2982
Project: Apache Knox
Issue Type: Improvement
Reporter: Attila Magyar
Assignee: Attila Magyar
If one has two identity-assertion providers, e.g.: HadoopGroupProvider and Regexp, where the HadoopGroupProvider is disabled, then the Regex provider doesn't work.
The workaround is to delete the HadoopGroupProvider altogether (instead of just disabling it).
This is a bug in JerseyServiceDeploymentContributorBase>contributeService. The addIdentityAssertionFilter is called with null provider names.
The same thing applies to addAuthenticationFilter, addAuthorizationFilter too.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)