[jira] [Commented] (AMBARI-12153) Ambari Web should automatically log the user in if valid HTTP authorization header is present (Single Sign On)

[Hadoop QA (JIRA)]

    [ 
https://issues.apache.org/jira/browse/AMBARI-12153?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14607622#comment-14607622
 ] 

Hadoop QA commented on AMBARI-12153:
------------------------------------

{color:red}-1 overall{color}.  Here are the results of testing the latest 
attachment 
  http://issues.apache.org/jira/secure/attachment/12742728/AMBARI-12153.2.patch
  against trunk revision .

    {color:green}+1 @author{color}.  The patch does not contain any @author 
tags.

    {color:red}-1 tests included{color}.  The patch doesn't appear to include 
any new or modified tests.
                        Please justify why no new tests are needed for this 
patch.
                        Also please list what manual steps were performed to 
verify this patch.

    {color:green}+1 javac{color}.  The applied patch does not increase the 
total number of javac compiler warnings.

    {color:green}+1 release audit{color}.  The applied patch does not increase 
the total number of release audit warnings.

    {color:green}+1 core tests{color}.  The patch passed unit tests in 
ambari-admin.

Test results: 
https://builds.apache.org/job/Ambari-trunk-test-patch/3312//testReport/
Console output: 
https://builds.apache.org/job/Ambari-trunk-test-patch/3312//console

This message is automatically generated.

> Ambari Web should automatically log the user in if valid HTTP authorization 
> header is present (Single Sign On)
> --------------------------------------------------------------------------------------------------------------
>
>                 Key: AMBARI-12153
>                 URL: https://issues.apache.org/jira/browse/AMBARI-12153
>             Project: Ambari
>          Issue Type: Improvement
>          Components: ambari-web
>    Affects Versions: 2.1.0
>            Reporter: Yusaku Sako
>            Assignee: Yusaku Sako
>             Fix For: 2.1.0
>
>         Attachments: AMBARI-12153.2.patch, AMBARI-12153.patch
>
>
> In some environments, Ambari is behind a gateway. When the user hits the URL 
> to load Ambari Web through the gateway, the user is prompted to log in (to 
> the gateway). After the user provides valid credentials, the gateway adds the 
> HTTP Authorization header (Basic Auth) to all subsequent requests. 
> Requesting GET API calls through the browser address bar handles SSO already 
> (the user is not explicitly asked to log in to Ambari Web) because of the 
> Authorization header. However, Ambari Web still prompts the user to log in 
> (the user has to authenticate to the gateway and Ambari Web separately). In 
> this scenario, Ambari Web should treat the user as already logged in.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)