You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by lm...@apache.org on 2016/12/13 23:05:29 UTC
knox git commit: KNOX-795 - Make KnoxSSO Cookie Name Configurable
Repository: knox
Updated Branches:
refs/heads/master 3e3db7b4f -> 5b0dde2bb
KNOX-795 - Make KnoxSSO Cookie Name Configurable
Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/5b0dde2b
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/5b0dde2b
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/5b0dde2b
Branch: refs/heads/master
Commit: 5b0dde2bbd2f1b1598095143a91d09a93a92d71b
Parents: 3e3db7b
Author: Larry McCay <lm...@hortonworks.com>
Authored: Tue Dec 13 18:05:20 2016 -0500
Committer: Larry McCay <lm...@hortonworks.com>
Committed: Tue Dec 13 18:05:20 2016 -0500
----------------------------------------------------------------------
.../hadoop/gateway/service/knoxsso/WebSSOResource.java | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/knox/blob/5b0dde2b/gateway-service-knoxsso/src/main/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResource.java
----------------------------------------------------------------------
diff --git a/gateway-service-knoxsso/src/main/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResource.java b/gateway-service-knoxsso/src/main/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResource.java
index 41379d3..977ffaf 100644
--- a/gateway-service-knoxsso/src/main/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResource.java
+++ b/gateway-service-knoxsso/src/main/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResource.java
@@ -49,6 +49,7 @@ import static javax.ws.rs.core.MediaType.APPLICATION_XML;
@Path( WebSSOResource.RESOURCE_PATH )
public class WebSSOResource {
+ private static final String SSO_COOKIE_NAME = "knoxsso.cookie.name";
private static final String SSO_COOKIE_SECURE_ONLY_INIT_PARAM = "knoxsso.cookie.secure.only";
private static final String SSO_COOKIE_MAX_AGE_INIT_PARAM = "knoxsso.cookie.max.age";
private static final String SSO_COOKIE_DOMAIN_SUFFIX_PARAM = "knoxsso.cookie.domain.suffix";
@@ -58,11 +59,12 @@ public class WebSSOResource {
private static final String SSO_ENABLE_SESSION_PARAM = "knoxsso.enable.session";
private static final String ORIGINAL_URL_REQUEST_PARAM = "originalUrl";
private static final String ORIGINAL_URL_COOKIE_NAME = "original-url";
- private static final String JWT_COOKIE_NAME = "hadoop-jwt";
+ private static final String DEFAULT_SSO_COOKIE_NAME = "hadoop-jwt";
// default for the whitelist - open up for development - relative paths and localhost only
private static final String DEFAULT_WHITELIST = "^/.*$;^https?://(localhost|127.0.0.1|0:0:0:0:0:0:0:1|::1):\\d{0,9}/.*$";
static final String RESOURCE_PATH = "/api/v1/websso";
private static KnoxSSOMessages log = MessagesFactory.get( KnoxSSOMessages.class );
+ private String cookieName = null;
private boolean secureOnly = true;
private int maxAge = -1;
private long tokenTTL = 30000l;
@@ -82,6 +84,13 @@ public class WebSSOResource {
@PostConstruct
public void init() {
+
+ // configured cookieName
+ cookieName = context.getInitParameter(SSO_COOKIE_NAME);
+ if (cookieName == null) {
+ cookieName = DEFAULT_SSO_COOKIE_NAME;
+ }
+
String secure = context.getInitParameter(SSO_COOKIE_SECURE_ONLY_INIT_PARAM);
if (secure != null) {
secureOnly = ("false".equals(secure) ? false : true);
@@ -221,7 +230,7 @@ public class WebSSOResource {
private void addJWTHadoopCookie(String original, JWT token) {
log.addingJWTCookie(token.toString());
- Cookie c = new Cookie(JWT_COOKIE_NAME, token.toString());
+ Cookie c = new Cookie(cookieName, token.toString());
c.setPath("/");
try {
String domain = Urls.getDomainName(original, domainSuffix);