You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Sandeep More (JIRA)" <ji...@apache.org> on 2018/04/24 16:00:00 UTC
[jira] [Commented] (KNOX-1274) SSO redirect for Spark2 History
Server needs to be rewritten
[ https://issues.apache.org/jira/browse/KNOX-1274?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16450127#comment-16450127 ]
Sandeep More commented on KNOX-1274:
------------------------------------
Hello [~mgaido] I did a quick test and it appears to be working, did you add the SSOCookieProvider to your topology ?
{code:java}
<provider>
<role>federation</role>
<name>SSOCookieProvider</name>
<enabled>true</enabled>
<param>
<name>sso.authentication.provider.url</name>
<value>https://www.local.com:8443/gateway/knoxsso/api/v1/websso</value>
</param>
</provider>{code}
Please reopen the bug if you think this is still an issue.
> SSO redirect for Spark2 History Server needs to be rewritten
> ------------------------------------------------------------
>
> Key: KNOX-1274
> URL: https://issues.apache.org/jira/browse/KNOX-1274
> Project: Apache Knox
> Issue Type: Bug
> Reporter: Marco Gaido
> Assignee: Sandeep More
> Priority: Major
>
> When Spark2 History Server is accessed through Knox gateway and Knox SSO is configured, after the authentication, the SSO redirects to the direct Spark History Server's URL, instead of the proxied one, ie. one gets redirected to: {{https://knox_host:8443/gateway/knoxsso/knoxauth/login.html?originalUrl=http://shs_host:18081/&do....}} and so after the login, it redirects to {{http://shs_host:18081/&doAs=...}}, instead of {{https://knox_host:8443/gateway/default/sparkhistory}}.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
Re: [jira] [Commented] (KNOX-1274) SSO redirect for Spark2 History
Server needs to be rewritten
Posted by larry mccay <lm...@apache.org>.
Marco may be using the Hadoop native JWTRedirectAuthenticationHandler
instead of SSOCookieProvider.
In which case, the original URL would require a rewrite rule for the
Location header.
On Tue, Apr 24, 2018 at 12:00 PM, Sandeep More (JIRA) <ji...@apache.org>
wrote:
>
> [ https://issues.apache.org/jira/browse/KNOX-1274?page=
> com.atlassian.jira.plugin.system.issuetabpanels:comment-
> tabpanel&focusedCommentId=16450127#comment-16450127 ]
>
> Sandeep More commented on KNOX-1274:
> ------------------------------------
>
> Hello [~mgaido] I did a quick test and it appears to be working, did you
> add the SSOCookieProvider to your topology ?
> {code:java}
> <provider>
> <role>federation</role>
> <name>SSOCookieProvider</name>
> <enabled>true</enabled>
> <param>
> <name>sso.authentication.provider.url</name>
> <value>https://www.local.com:
> 8443/gateway/knoxsso/api/v1/websso</value>
> </param>
> </provider>{code}
> Please reopen the bug if you think this is still an issue.
>
> > SSO redirect for Spark2 History Server needs to be rewritten
> > ------------------------------------------------------------
> >
> > Key: KNOX-1274
> > URL: https://issues.apache.org/jira/browse/KNOX-1274
> > Project: Apache Knox
> > Issue Type: Bug
> > Reporter: Marco Gaido
> > Assignee: Sandeep More
> > Priority: Major
> >
> > When Spark2 History Server is accessed through Knox gateway and Knox SSO
> is configured, after the authentication, the SSO redirects to the direct
> Spark History Server's URL, instead of the proxied one, ie. one gets
> redirected to: {{https://knox_host:8443/gateway/knoxsso/knoxauth/
> login.html?originalUrl=http://shs_host:18081/&do....}} and so after the
> login, it redirects to {{http://shs_host:18081/&doAs=...}}, instead of {{
> https://knox_host:8443/gateway/default/sparkhistory}}.
>
>
>
> --
> This message was sent by Atlassian JIRA
> (v7.6.3#76005)
>