atlas-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Madhan Neethiraj <mad...@apache.org>
Subject Re: Review Request 62769: ATLAS-2166 - Added validation to prevent kerberos authentication when knox-proxy adds hadoop-auth header to proxied request
Date Fri, 13 Oct 2017 16:02:43 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62769/#review187975
-----------------------------------------------------------


Ship it!




Ship It!

- Madhan Neethiraj


On Oct. 13, 2017, 12:25 p.m., Nixon Rodrigues wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62769/
> -----------------------------------------------------------
> 
> (Updated Oct. 13, 2017, 12:25 p.m.)
> 
> 
> Review request for atlas, Apoorv Naik, Ashutosh Mestry, Madhan Neethiraj, and Sarath
Subramanian.
> 
> 
> Bugs: ATLAS-2166
>     https://issues.apache.org/jira/browse/ATLAS-2166
> 
> 
> Repository: atlas
> 
> 
> Description
> -------
> 
> Bug description:-
> On refreshing Atlas page logged in via Knox proxy ,which has ATLASSESSION ID expired
(idle for a long time) , logs in as knox user.
> 
> Fix Description :-
> 
> ATLAS-2166 - Added validation to prevent kerberos authentication when knox-proxy adds
hadoop-auth header to proxied request
> 
> 
> Diffs
> -----
> 
>   webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthenticationFilter.java 444b094

> 
> 
> Diff: https://reviews.apache.org/r/62769/diff/3/
> 
> 
> Testing
> -------
> 
> Tested Atlas UI/API  with Atlas and knox Kerberized Env with & without proxy and
also with SSO on/off.
> Tested curl with call with --negotiate headers.
> Tested curl with call with hadoop-jwt knox cookie header.
> 
> 
> Thanks,
> 
> Nixon Rodrigues
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message