atlas-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nixon Rodrigues <>
Subject Re: Review Request 68363: ATLAS-2824 :- Atlas to support Trusted Knox Proxy
Date Tue, 13 Nov 2018 19:51:21 GMT

This is an automatically generated e-mail. To reply, visit:

(Updated Nov. 13, 2018, 7:51 p.m.)

Review request for atlas, Apoorv Naik, Ashutosh Mestry, Larry McCay, Madhan Neethiraj, and
Sarath Subramanian.


This patch updates changes in SSLKerberosTest testcases and also added property to turn doAs
on/off for trusted proxy. 

Bugs: ATLAS-2824

Repository: atlas


This patch includes code to support request from knox proxy, where the proxy is already known
and trusted to Atlas via configuration. Atlas intercepts the incoming requests and if it from
knox proxy. Atlas allow the knox's doAs user to create session in Atlas. 

Configs required:-

atlas.authentication.allow.trustedproxy :- property allow trusted proxy support
atlas.proxyuser.knox.hosts :- property to add trusted hosts
atlas.proxyuser.knox.users :- property to add trusted users
atlas.proxyuser.knox.groups :- property to add trusted groups

Diffs (updated)

  webapp/src/main/java/org/apache/atlas/web/filters/ e5c40d061

  webapp/src/test/java/org/apache/atlas/web/security/ 21d4f8526

  webapp/src/test/java/org/apache/atlas/web/security/ 49d56b20c 





* Atlas UI from  Trusted Knox Proxy with Knox SSO loginpage.
* Atlas UI from  Knox Proxy with Atlas Login.
* Atlas UI from  Knox Proxy with SSO Filter enabled at Atlas.
* Atlas UI with Atlas Login.
* Atlas api from curl with BASIS & Kerberos headers

Topology Used:-



Nixon Rodrigues

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message