You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2020/06/19 17:53:00 UTC

[jira] [Commented] (KNOX-2393) Add a configurable list of paths that SSOCookieProvider can ignore

    [ https://issues.apache.org/jira/browse/KNOX-2393?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17140731#comment-17140731 ] 

ASF subversion and git services commented on KNOX-2393:
-------------------------------------------------------

Commit 2c28207b09732f1e6103813789e5a2f19024866b in knox's branch refs/heads/master from Sandeep Moré
[ https://gitbox.apache.org/repos/asf?p=knox.git;h=2c28207 ]

KNOX-2393 - Add a configurable list of paths  that SSOCookieProvider can ignore (#349)



> Add a configurable list of paths that SSOCookieProvider can ignore
> ------------------------------------------------------------------
>
>                 Key: KNOX-2393
>                 URL: https://issues.apache.org/jira/browse/KNOX-2393
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: KnoxSSO
>            Reporter: Sandeep More
>            Assignee: Sandeep More
>            Priority: Major
>             Fix For: 1.4.0
>
>          Time Spent: 1h 20m
>  Remaining Estimate: 0h
>
> There are some cases where browser sends automatic GET requests [1] (e.g. favicon.ico) that can interfere with KnoxSSO flow depending on the timing of the requests and cause SSO page to land on favicon icon.
> This could be achieved by adding a list of path for SSO to ignore using a property  {{gateway.knox.sso.unauthenticated.path.list}}
> e.g.
> {code:xml}
>    <provider>
>            <role>federation</role>
>            <name>SSOCookieProvider</name>
>            <enabled>true</enabled>
>            <param>
>               <name>sso.authentication.provider.url</name>
>               <value>/gateway/knoxsso/api/v1/websso</value>
>            </param>
>            <param>
>               <name>gateway.knox.sso.unauthenticated.path.list</name>
>               <value>favicon.ico;test;unsafepath</value>
>            </param>
>     </provider>
>  {code}
> [1] [https://bugs.chromium.org/p/chromium/issues/detail?id=39402]



--
This message was sent by Atlassian Jira
(v8.3.4#803005)