You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "Andrew M. Lim (Jira)" <ji...@apache.org> on 2021/11/02 21:49:00 UTC

[jira] [Assigned] (NIFI-7033) wrong redirect from login/logout page when behind a custom url prefix/context

     [ https://issues.apache.org/jira/browse/NIFI-7033?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Andrew M. Lim reassigned NIFI-7033:
-----------------------------------

    Assignee: David Handermann

> wrong redirect from login/logout page when behind a custom url prefix/context
> -----------------------------------------------------------------------------
>
>                 Key: NIFI-7033
>                 URL: https://issues.apache.org/jira/browse/NIFI-7033
>             Project: Apache NiFi
>          Issue Type: Bug
>          Components: Core UI
>    Affects Versions: 1.10.0, 1.14.0
>         Environment: NiFi official Docker Container, behind HAProxy, RHEL 7.6, Docker 18.06.0-ce
>            Reporter: Rastislav Krist
>            Assignee: David Handermann
>            Priority: Major
>             Fix For: 1.15.0
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> Login/logout pages don't redirect properly when NiFi is deployed on a custom URL prefix (context). For example when deploying NiFi on custom URL like [https://nifi-host/mynifi|https://nifi-host/mynifi,] (using HAPROXY, setting nifi.web.proxy.host=mynifi), UI works perfectly (via [https://nifi-host/mynifi/nifi/|https://nifi-host/mynifi,]). Problem is with login/logout pages, which both don't seem to honor X-ProxyContextPath and after successfull login/logout they both redirect to [https://nifi-host/nifi|https://nifi-host/mynifi,].
> After some investigations made, the problem on login page seems to be in nf-login.js containing hardcoded url in lines 121-125:
> {code:java}
> if (accessStatus.status === 'ACTIVE') {
>     // reload as appropriate - no need to schedule token refresh as the page is reloading
>     if (top !== window) {
>         parent.window.location = '/nifi';
>     } else {
>         window.location = '/nifi';
>     }
> } else {
> ...
> {code}
> where on logout page, redirect url is composed purely using HttpServletResponse in LogoutFilter.java, 53 (without examining X-ProxyContextPath):
> {code:java}
> ((HttpServletResponse) response).sendRedirect("login");
> {code}
> Found a similar issue with OpenID fixed few version ago, I am not sure if it is somehow related: NIFI-5237
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)