Repository: knox Updated Branches: refs/heads/master a5fcb4be1 -> 928bfab30
KNOX-1344 - Atlas HA dispatch mishandling SSO redirection Project: http://git-wip-us.apache.org/repos/asf/knox/repo Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/928bfab3 Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/928bfab3 Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/928bfab3 Branch: refs/heads/master Commit: 928bfab30d244881efb632ad9d0543960cb72783 Parents: a5fcb4b Author: Phil Zampino <pzamp...@apache.org> Authored: Thu Jun 7 10:37:31 2018 -0400 Committer: Phil Zampino <pzamp...@apache.org> Committed: Thu Jun 7 10:37:31 2018 -0400 ---------------------------------------------------------------------- .../gateway/ha/dispatch/AtlasHaDispatch.java | 30 ++++++++++++++------ 1 file changed, 22 insertions(+), 8 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/knox/blob/928bfab3/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/dispatch/AtlasHaDispatch.java ---------------------------------------------------------------------- diff --git a/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/dispatch/AtlasHaDispatch.java b/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/dispatch/AtlasHaDispatch.java index 36208e0..77eb21d 100644 --- a/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/dispatch/AtlasHaDispatch.java +++ b/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/dispatch/AtlasHaDispatch.java @@ -57,18 +57,23 @@ public class AtlasHaDispatch extends DefaultHaDispatch { } @Override - protected void executeRequest(HttpUriRequest outboundRequest, HttpServletRequest inboundRequest, HttpServletResponse outboundResponse) throws IOException { + protected void executeRequest(HttpUriRequest outboundRequest, + HttpServletRequest inboundRequest, + HttpServletResponse outboundResponse) throws IOException { HttpResponse inboundResponse = null; try { inboundResponse = executeOutboundRequest(outboundRequest); - int statusCode = inboundResponse.getStatusLine().getStatusCode(); - Header originalLocationHeader = inboundResponse.getFirstHeader("Location"); - - if((statusCode == HttpServletResponse.SC_MOVED_TEMPORARILY || statusCode == HttpServletResponse.SC_TEMPORARY_REDIRECT) - && originalLocationHeader != null && !originalLocationHeader.getValue().endsWith("login.jsp")){ - inboundResponse.removeHeaders("Location"); - failoverRequest(outboundRequest, inboundRequest, outboundResponse, inboundResponse, new Exception("Atlas HA redirection")); + int sc = inboundResponse.getStatusLine().getStatusCode(); + if(sc == HttpServletResponse.SC_MOVED_TEMPORARILY || sc == HttpServletResponse.SC_TEMPORARY_REDIRECT) { + if(!isLoginRedirect(inboundResponse.getFirstHeader("Location"))) { + inboundResponse.removeHeaders("Location"); + failoverRequest(outboundRequest, + inboundRequest, + outboundResponse, + inboundResponse, + new Exception("Atlas HA redirection")); + } } writeOutboundResponse(outboundRequest, inboundRequest, outboundResponse, inboundResponse); @@ -79,4 +84,13 @@ public class AtlasHaDispatch extends DefaultHaDispatch { } } + private boolean isLoginRedirect(Header locationHeader) { + boolean result = false; + if (locationHeader != null) { + String value = locationHeader.getValue(); + result = (value.endsWith("login.jsp") || value.contains("originalUrl")); + } + return result; + } + }