Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 4182D200D01 for ; Fri, 22 Sep 2017 19:32:44 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 400A41609D0; Fri, 22 Sep 2017 17:32:44 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 86A5D1609BE for ; Fri, 22 Sep 2017 19:32:43 +0200 (CEST) Received: (qmail 1042 invoked by uid 500); 22 Sep 2017 17:32:42 -0000 Mailing-List: contact dev-help@atlas.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@atlas.apache.org Delivered-To: mailing list dev@atlas.apache.org Received: (qmail 1031 invoked by uid 99); 22 Sep 2017 17:32:42 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 22 Sep 2017 17:32:42 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id DAEA3CC96A; Fri, 22 Sep 2017 17:32:41 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 3 X-Spam-Level: *** X-Spam-Status: No, score=3 tagged_above=-999 required=6.31 tests=[HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=2, KAM_LAZY_DOMAIN_SECURITY=1, RP_MATCHES_RCVD=-0.001] autolearn=disabled Received: from mx1-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024) with ESMTP id tIwAGOQntMeJ; Fri, 22 Sep 2017 17:32:41 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTP id 3FA955FB2E; Fri, 22 Sep 2017 17:32:40 +0000 (UTC) Received: from reviews.apache.org (unknown [10.41.0.12]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 956F8E0288; Fri, 22 Sep 2017 17:32:39 +0000 (UTC) Received: from reviews-vm2.apache.org (localhost [IPv6:::1]) by reviews.apache.org (ASF Mail Server at reviews-vm2.apache.org) with ESMTP id 7CC51C4016F; Fri, 22 Sep 2017 17:32:39 +0000 (UTC) Content-Type: multipart/alternative; boundary="===============7559413302798720253==" MIME-Version: 1.0 Subject: Re: Review Request 62382: ATLAS-2144 Add Knox x-forwarded path to Atlas base URL when Atlas is access via knox proxy From: Nixon Rodrigues To: Apoorv Naik , keval bhatt , Madhan Neethiraj , Ashutosh Mestry , Sarath Subramanian Cc: atlas , Nixon Rodrigues Date: Fri, 22 Sep 2017 17:32:39 -0000 Message-ID: <20170922173239.9074.6861@reviews-vm2.apache.org> X-ReviewBoard-URL: https://reviews.apache.org/ Auto-Submitted: auto-generated Sender: Nixon Rodrigues X-ReviewGroup: atlas X-Auto-Response-Suppress: DR, RN, OOF, AutoReply X-ReviewRequest-URL: https://reviews.apache.org/r/62382/ X-Sender: Nixon Rodrigues References: <20170918130603.55959.69044@reviews-vm2.apache.org> In-Reply-To: <20170918130603.55959.69044@reviews-vm2.apache.org> Reply-To: Nixon Rodrigues X-ReviewRequest-Repository: atlas archived-at: Fri, 22 Sep 2017 17:32:44 -0000 --===============7559413302798720253== MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/62382/ ----------------------------------------------------------- (Updated Sept. 22, 2017, 5:32 p.m.) Review request for atlas, Apoorv Naik, Ashutosh Mestry, keval bhatt, Madhan Neethiraj, and Sarath Subramanian. Changes ------- Handled Review comments and changes suggested by Aushutosh Mestry. Please review. Bugs: ATLAS-2144 https://issues.apache.org/jira/browse/ATLAS-2144 Repository: atlas Description ------- This patch includes fix to add Knox x-forwarded path to Atlas base URL when Atlas is access via knox proxy. Also the changed the httpSecurity filter precendence between SSOFilter and basicFilter. When request dispatched from knox proxy is landed in atlas with basic header and hadoopJwt cookie header, the basicFilter is invoked first before ssoFilter causing issue in SSO login. Diffs (updated) ----- webapp/src/main/java/org/apache/atlas/web/filters/AtlasKnoxSSOAuthenticationFilter.java 665fa34 webapp/src/main/java/org/apache/atlas/web/security/AtlasSecurityConfig.java 3bec838 Diff: https://reviews.apache.org/r/62382/diff/2/ Changes: https://reviews.apache.org/r/62382/diff/1-2/ Testing ------- Tested Atlas with knox authentication Tested Atlas knox proxy with Form login and Knox SSO. Tested Atlas form based Login Tested Atlas api with basic and knox cookie header. Thanks, Nixon Rodrigues --===============7559413302798720253==--