You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by rl...@apache.org on 2018/08/29 12:36:38 UTC
[ambari] branch trunk updated: [AMBARI-24536] Ambari SPNEGO breaks
SSO redirect
This is an automated email from the ASF dual-hosted git repository.
rlevas pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ambari.git
The following commit(s) were added to refs/heads/trunk by this push:
new 5bd37c7 [AMBARI-24536] Ambari SPNEGO breaks SSO redirect
5bd37c7 is described below
commit 5bd37c7cadcef0aaeccb48cdda0ac5043518231b
Author: Robert Levas <rl...@hortonworks.com>
AuthorDate: Tue Aug 28 14:01:20 2018 -0400
[AMBARI-24536] Ambari SPNEGO breaks SSO redirect
---
.../apache/ambari/server/api/AmbariErrorHandler.java | 2 +-
ambari-web/app/router.js | 2 +-
ambari-web/test/router_test.js | 20 ++++++++++++++++++++
3 files changed, 22 insertions(+), 2 deletions(-)
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/api/AmbariErrorHandler.java b/ambari-server/src/main/java/org/apache/ambari/server/api/AmbariErrorHandler.java
index 97860f2..f7c2bfa 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/api/AmbariErrorHandler.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/api/AmbariErrorHandler.java
@@ -73,7 +73,7 @@ public class AmbariErrorHandler extends ErrorHandler {
}
errorMap.put("message", message);
- if (code == HttpServletResponse.SC_FORBIDDEN) {
+ if ((code == HttpServletResponse.SC_FORBIDDEN) || (code == HttpServletResponse.SC_UNAUTHORIZED)) {
//if SSO is configured we should provide info about it in case of access error
JwtAuthenticationProperties jwtProperties = jwtAuthenticationPropertiesProvider.getProperties();
if ((jwtProperties != null) && jwtProperties.isEnabledForAmbari()) {
diff --git a/ambari-web/app/router.js b/ambari-web/app/router.js
index df54303..c3a843e 100644
--- a/ambari-web/app/router.js
+++ b/ambari-web/app/router.js
@@ -342,7 +342,7 @@ App.Router = Em.Router.extend({
* @param {?object} data
*/
onAuthenticationError: function (data) {
- if (data.status === 403) {
+ if ((data.status === 403) || (data.status === 401)) {
try {
var responseJson = JSON.parse(data.responseText);
if (responseJson.jwtProviderUrl && this.get('location.lastSetURL') !== this.get('localUserAuthUrl')) {
diff --git a/ambari-web/test/router_test.js b/ambari-web/test/router_test.js
index 7e58ad0..0b91f02 100644
--- a/ambari-web/test/router_test.js
+++ b/ambari-web/test/router_test.js
@@ -462,6 +462,26 @@ describe('App.Router', function () {
},
redirectCalled: false,
m: 'jwtProviderUrl is present, current location is local login url, no redirect'
+ },
+ {
+ lastSetURL: '/main/dashboard',
+ isResolved: false,
+ responseData: {
+ responseText: JSON.stringify({jwtProviderUrl: 'http://some.com?originalUrl='}),
+ status: 401
+ },
+ redirectCalled: true,
+ m: 'jwtProviderUrl is present, current location not local login url, redirect according to jwtProviderUrl value'
+ },
+ {
+ lastSetURL: '/login/local',
+ isResolved: false,
+ responseData: {
+ responseText: JSON.stringify({jwtProviderUrl: 'http://some.com?originalUrl='}),
+ status: 401
+ },
+ redirectCalled: false,
+ m: 'jwtProviderUrl is present, current location is local login url, no redirect'
}
].forEach(function (test) {
describe(test.m, function () {