ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hudson (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (AMBARI-12153) Ambari Web should automatically log the user in if valid HTTP authorization header is present (Single Sign On)
Date Sat, 27 Jun 2015 23:43:04 GMT

    [ https://issues.apache.org/jira/browse/AMBARI-12153?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14604432#comment-14604432
] 

Hudson commented on AMBARI-12153:
---------------------------------

FAILURE: Integrated in Ambari-trunk-Commit #3020 (See [https://builds.apache.org/job/Ambari-trunk-Commit/3020/])
Revert "AMBARI-12153. Ambari Web should automatically log the user in if valid HTTP authorization
header is present (Single Sign On). (yusaku)" (jaimin: http://git-wip-us.apache.org/repos/asf?p=ambari.git&a=commit&h=cd9ed4623a5084984e61583ca9a0e1c28c9464d9)
* ambari-web/app/router.js


> Ambari Web should automatically log the user in if valid HTTP authorization header is
present (Single Sign On)
> --------------------------------------------------------------------------------------------------------------
>
>                 Key: AMBARI-12153
>                 URL: https://issues.apache.org/jira/browse/AMBARI-12153
>             Project: Ambari
>          Issue Type: Improvement
>          Components: ambari-web
>    Affects Versions: 2.1.0
>            Reporter: Yusaku Sako
>            Assignee: Yusaku Sako
>             Fix For: 2.1.0
>
>         Attachments: AMBARI-12153.patch
>
>
> In some environments, Ambari is behind a gateway. When the user hits the URL to load
Ambari Web through the gateway, the user is prompted to log in (to the gateway). After the
user provides valid credentials, the gateway adds the HTTP Authorization header (Basic Auth)
to all subsequent requests. 
> Requesting GET API calls through the browser address bar handles SSO already (the user
is not explicitly asked to log in to Ambari Web) because of the Authorization header. However,
Ambari Web still prompts the user to log in (the user has to authenticate to the gateway and
Ambari Web separately). In this scenario, Ambari Web should treat the user as already logged
in.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message