You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by am...@apache.org on 2017/11/16 15:36:30 UTC
[07/50] [abbrv] ambari git commit: AMBARI-22266. Log Search server
does not handle proxies properly (oleewere)
AMBARI-22266. Log Search server does not handle proxies properly (oleewere)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/56033c95
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/56033c95
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/56033c95
Branch: refs/heads/branch-feature-AMBARI-22008
Commit: 56033c957b84828d0c2835d43db6b437a91ab7ef
Parents: 28509fd
Author: Oliver Szabo <ol...@gmail.com>
Authored: Wed Nov 8 11:54:46 2017 +0100
Committer: Attila Magyar <am...@hortonworks.com>
Committed: Thu Nov 16 16:35:25 2017 +0100
----------------------------------------------------------------------
.../ambari/logsearch/conf/AuthPropsConfig.java | 18 ++++++++++++++++++
.../ambari/logsearch/conf/SecurityConfig.java | 6 ++++--
.../LogsearchAuthenticationEntryPoint.java | 2 +-
3 files changed, 23 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/56033c95/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/conf/AuthPropsConfig.java
----------------------------------------------------------------------
diff --git a/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/conf/AuthPropsConfig.java b/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/conf/AuthPropsConfig.java
index 2bcdebc..06673b3 100644
--- a/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/conf/AuthPropsConfig.java
+++ b/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/conf/AuthPropsConfig.java
@@ -167,6 +167,16 @@ public class AuthPropsConfig {
)
private List<String> allowedRoles;
+ @Value("${logsearch.auth.redirect.forward:false}")
+ @LogSearchPropertyDescription(
+ name = "logsearch.auth.redirect.forward",
+ description = "Forward redirects for HTTP calls. (useful in case of proxies)",
+ examples = {"true"},
+ defaultValue = "false",
+ sources = {LOGSEARCH_PROPERTIES_FILE}
+ )
+ private boolean redirectForward;
+
public boolean isAuthFileEnabled() {
return authFileEnabled;
}
@@ -278,4 +288,12 @@ public class AuthPropsConfig {
public void setAllowedRoles(List<String> allowedRoles) {
this.allowedRoles = allowedRoles;
}
+
+ public boolean isRedirectForward() {
+ return redirectForward;
+ }
+
+ public void setRedirectForward(boolean redirectForward) {
+ this.redirectForward = redirectForward;
+ }
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/56033c95/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/conf/SecurityConfig.java
----------------------------------------------------------------------
diff --git a/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/conf/SecurityConfig.java b/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/conf/SecurityConfig.java
index cb8124e..6f8d7ba 100644
--- a/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/conf/SecurityConfig.java
+++ b/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/conf/SecurityConfig.java
@@ -44,6 +44,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.OrRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
@@ -105,8 +106,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
.httpBasic()
.authenticationEntryPoint(logsearchAuthenticationEntryPoint())
.and()
- .addFilterBefore(logsearchUsernamePasswordAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class)
- .addFilterBefore(logsearchKRBAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class)
+ .addFilterBefore(logsearchKRBAuthenticationFilter(), BasicAuthenticationFilter.class)
+ .addFilterBefore(logsearchUsernamePasswordAuthenticationFilter(), LogsearchKRBAuthenticationFilter.class)
.addFilterAfter(securityContextFormationFilter(), FilterSecurityInterceptor.class)
.addFilterAfter(logsearchEventHistoryFilter(), LogsearchSecurityContextFormationFilter.class)
.addFilterAfter(logsearchAuditLogFilter(), LogsearchSecurityContextFormationFilter.class)
@@ -153,6 +154,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
public LogsearchAuthenticationEntryPoint logsearchAuthenticationEntryPoint() {
LogsearchAuthenticationEntryPoint entryPoint = new LogsearchAuthenticationEntryPoint("/login");
entryPoint.setForceHttps(false);
+ entryPoint.setUseForward(authPropsConfig.isRedirectForward());
return entryPoint;
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/56033c95/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/web/filters/LogsearchAuthenticationEntryPoint.java
----------------------------------------------------------------------
diff --git a/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/web/filters/LogsearchAuthenticationEntryPoint.java b/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/web/filters/LogsearchAuthenticationEntryPoint.java
index 1831697..2fe5f7b 100644
--- a/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/web/filters/LogsearchAuthenticationEntryPoint.java
+++ b/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/web/filters/LogsearchAuthenticationEntryPoint.java
@@ -44,7 +44,7 @@ public class LogsearchAuthenticationEntryPoint extends LoginUrlAuthenticationEnt
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Session Timeout");
} else {
logger.debug("Redirecting to login page :" + this.getLoginFormUrl());
- response.sendRedirect(this.getLoginFormUrl() + ((request.getQueryString() != null) ? "?" + request.getQueryString() : ""));
+ super.commence(request, response, authException);
}
}
}