From dev-return-11492-apmail-knox-dev-archive=knox.apache.org@knox.apache.org Mon Oct 2 11:21:24 2017 Return-Path: X-Original-To: apmail-knox-dev-archive@minotaur.apache.org Delivered-To: apmail-knox-dev-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 8B14410E86 for ; Mon, 2 Oct 2017 11:21:24 +0000 (UTC) Received: (qmail 1991 invoked by uid 500); 2 Oct 2017 11:21:24 -0000 Delivered-To: apmail-knox-dev-archive@knox.apache.org Received: (qmail 1926 invoked by uid 500); 2 Oct 2017 11:21:24 -0000 Mailing-List: contact dev-help@knox.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@knox.apache.org Delivered-To: mailing list dev@knox.apache.org Received: (qmail 1915 invoked by uid 99); 2 Oct 2017 11:21:24 -0000 Received: from mail-relay.apache.org (HELO mail-relay.apache.org) (140.211.11.15) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 02 Oct 2017 11:21:24 +0000 Received: from mail-pg0-f48.google.com (mail-pg0-f48.google.com [74.125.83.48]) by mail-relay.apache.org (ASF Mail Server at mail-relay.apache.org) with ESMTPSA id 141191A0044 for ; Mon, 2 Oct 2017 11:21:24 +0000 (UTC) Received: by mail-pg0-f48.google.com with SMTP id p5so2824824pgn.7 for ; Mon, 02 Oct 2017 04:21:24 -0700 (PDT) X-Gm-Message-State: AHPjjUhDZ27FBr9lzEwCauVGcfs8j+koujg40DN1sG6p4kFBBoarS6gz yz6W7SggCurssx33ZlTsW/xhrtn5vR0FO6u1WG8= X-Google-Smtp-Source: AOwi7QAgfG5fgAOVsG6t/7bbsqtUgScRSE/o3wjB3F8uj9Lrkiia7J8zinp3pTQkeEfeSBwhr2TMXfb8H7JLpCEk+3w= X-Received: by 10.101.92.196 with SMTP id b4mr12318841pgt.85.1506943283322; Mon, 02 Oct 2017 04:21:23 -0700 (PDT) MIME-Version: 1.0 Reply-To: coheigea@apache.org Received: by 10.100.165.169 with HTTP; Mon, 2 Oct 2017 04:21:22 -0700 (PDT) From: Colm O hEigeartaigh Date: Mon, 2 Oct 2017 12:21:22 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: KNOXSSO + Ranger To: dev@knox.apache.org Content-Type: multipart/alternative; boundary="089e082687b81964c4055a8e9320" --089e082687b81964c4055a8e9320 Content-Type: text/plain; charset="UTF-8" Hi, I'm testing using KNOXSSO with Apache Ranger, unsuccessfully thus far. I am getting redirected back to Ranger, but apparently without the cookie, and Ranger is redirecting back to Knox again. Two initial questions: 1) I've noticed is that it is invoking 'redirecting.jsp' back to Ranger, but this is not invoked when starting from a Knox topology. Why is this? 2) When 'redirecting.jsp' is used, we are checking the whitelist twice (once in WebSSOResource and once in redirecting.jsp). Is the check in redirecting.jsp really necessary (it also means that 'knoxsso.redirect.whitelist.regex' must be configured, using the default doesn't work). Colm. -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com --089e082687b81964c4055a8e9320--