This is an automated email from the ASF dual-hosted git repository.
rlevas pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ambari.git
The following commit(s) were added to refs/heads/trunk by this push:
new 5bd37c7 [AMBARI-24536] Ambari SPNEGO breaks SSO redirect
5bd37c7 is described below
commit 5bd37c7cadcef0aaeccb48cdda0ac5043518231b
Author: Robert Levas <[email protected]>
AuthorDate: Tue Aug 28 14:01:20 2018 -0400
[AMBARI-24536] Ambari SPNEGO breaks SSO redirect
---
.../apache/ambari/server/api/AmbariErrorHandler.java | 2 +-
ambari-web/app/router.js | 2 +-
ambari-web/test/router_test.js | 20 ++++++++++++++++++++
3 files changed, 22 insertions(+), 2 deletions(-)
diff --git
a/ambari-server/src/main/java/org/apache/ambari/server/api/AmbariErrorHandler.java
b/ambari-server/src/main/java/org/apache/ambari/server/api/AmbariErrorHandler.java
index 97860f2..f7c2bfa 100644
---
a/ambari-server/src/main/java/org/apache/ambari/server/api/AmbariErrorHandler.java
+++
b/ambari-server/src/main/java/org/apache/ambari/server/api/AmbariErrorHandler.java
@@ -73,7 +73,7 @@ public class AmbariErrorHandler extends ErrorHandler {
}
errorMap.put("message", message);
- if (code == HttpServletResponse.SC_FORBIDDEN) {
+ if ((code == HttpServletResponse.SC_FORBIDDEN) || (code ==
HttpServletResponse.SC_UNAUTHORIZED)) {
//if SSO is configured we should provide info about it in case of access
error
JwtAuthenticationProperties jwtProperties =
jwtAuthenticationPropertiesProvider.getProperties();
if ((jwtProperties != null) && jwtProperties.isEnabledForAmbari()) {
diff --git a/ambari-web/app/router.js b/ambari-web/app/router.js
index df54303..c3a843e 100644
--- a/ambari-web/app/router.js
+++ b/ambari-web/app/router.js
@@ -342,7 +342,7 @@ App.Router = Em.Router.extend({
* @param {?object} data
*/
onAuthenticationError: function (data) {
- if (data.status === 403) {
+ if ((data.status === 403) || (data.status === 401)) {
try {
var responseJson = JSON.parse(data.responseText);
if (responseJson.jwtProviderUrl && this.get('location.lastSetURL') !==
this.get('localUserAuthUrl')) {
diff --git a/ambari-web/test/router_test.js b/ambari-web/test/router_test.js
index 7e58ad0..0b91f02 100644
--- a/ambari-web/test/router_test.js
+++ b/ambari-web/test/router_test.js
@@ -462,6 +462,26 @@ describe('App.Router', function () {
},
redirectCalled: false,
m: 'jwtProviderUrl is present, current location is local login url, no
redirect'
+ },
+ {
+ lastSetURL: '/main/dashboard',
+ isResolved: false,
+ responseData: {
+ responseText: JSON.stringify({jwtProviderUrl:
'http://some.com?originalUrl='}),
+ status: 401
+ },
+ redirectCalled: true,
+ m: 'jwtProviderUrl is present, current location not local login url,
redirect according to jwtProviderUrl value'
+ },
+ {
+ lastSetURL: '/login/local',
+ isResolved: false,
+ responseData: {
+ responseText: JSON.stringify({jwtProviderUrl:
'http://some.com?originalUrl='}),
+ status: 401
+ },
+ redirectCalled: false,
+ m: 'jwtProviderUrl is present, current location is local login url, no
redirect'
}
].forEach(function (test) {
describe(test.m, function () {
