You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Kevin Risden (Jira)" <ji...@apache.org> on 2020/01/09 18:13:00 UTC
[jira] [Commented] (KNOX-718) KnoxSSO login page doesn't display
any feedback on error
[ https://issues.apache.org/jira/browse/KNOX-718?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17012099#comment-17012099 ]
Kevin Risden commented on KNOX-718:
-----------------------------------
This is about the KnoxSSO form based login not providing any feedback. Whitelist violation is just one example of this. Any dispatch redirect error can cause issues that aren't reported back on the KnoxSSO form.
> KnoxSSO login page doesn't display any feedback on error
> --------------------------------------------------------
>
> Key: KNOX-718
> URL: https://issues.apache.org/jira/browse/KNOX-718
> Project: Apache Knox
> Issue Type: Bug
> Components: KnoxSSO
> Reporter: Krishna Pandey
> Assignee: Kevin Risden
> Priority: Major
> Fix For: 1.4.0
>
>
> User does not get any warning for rejection due to whitelist when logging through KnoxSSO form based authentication. Refer logs below from gateway.log
> "2016-06-21 18:26:02,074 WARN service.knoxsso (WebSSOResource.java:init(89)) - The SSO cookie SecureOnly flag is set to FALSE and is therefore insecure.
> 2016-06-21 18:26:02,076 INFO service.knoxsso (WebSSOResource.java:getCookieValue(265)) - Unable to find cookie with name: original-url
> 2016-06-21 18:26:02,077 ERROR service.knoxsso (WebSSOResource.java:getAuthenticationToken(159)) - The original URL: http://<ranger_host>:6080/ for redirecting back after authentication is not valid according to the configured whitelist: ^https?:\/\/(localhost|127\.0\.0\.1|0:0:0:0:0:0:0:1|::1):[0-9].*$. See documentation for KnoxSSO Whitelisting."
--
This message was sent by Atlassian Jira
(v8.3.4#803005)