metron-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Yerex, Tom" <tom.ye...@ubc.ca>
Subject RE: Metron with Knox and reload issue
Date Wed, 01 Apr 2020 16:05:22 GMT
Thanks Nick. If I find a solution I'll share that with the community. It might be PEBCAK, that
remains to figure out.

;-)

--
Tom Yerex
Cybersecurity Analyst, Information Technology
Cybersecurity | CISO Office
The University of British Columbia | Musqueam Traditional Territory
Ponderosa Office Annex A | Vancouver BC | V6T1Z2 Canada
Phone 604 822 6531
Privacy Matters @ UBC


On 2020-04-01 07:05:57-07:00 Nick Allen wrote:

I am not sure Tom.  Wish I could help. I'd suggest also asking on the Apache Knox help forums.

On Sat, Mar 28, 2020 at 2:27 AM Yerex, Tom <tom.yerex@ubc.ca<mailto:tom.yerex@ubc.ca>>
wrote:
Good evening,

Working with the instructions from hxxps://github.com/apache/metron/tree/master/metron-interface<http://github.com/apache/metron/tree/master/metron-interface>

This is a new installation and we are using LDAP with Metron and now attempting to use Knox
for access control.

Using Apache Metron Management and Alerts UI directly, the login works with LDAP credentials.
When I try to access Metron Alerts or Management UI through the Apache Knox Gateway, it seems
to get locked into an infinite refresh loop after authentication is successful.

I am not sure if this has any bearing, we are using a self-signed certificate, although Metron
Alerts and Management UI are simply over the standard ports with no SSL enabled.

I have worked with Angular using nginx as a reverse-proxy for multiple Angular sites, and
vaguely recall similar behaviour due to the way node must be made aware of the new URL path.

For example, Angular/node expects the main URL to be "/", but when a reverse-proxy is applied
the path may change to become "/site1/", and so additional steps need to be taken.

I'm still not familiar enough with Knox, so I'm hoping someone else has faced this problem
and can offer insight.

Thank you,

Tom.





Mime
View raw message