[jira] [Commented] (AMBARI-12153) Ambari Web should automatically log the user in if valid HTTP authorization header is present (Single Sign On)

Tue, 30 Jun 2015 11:06:03 -0700 

    [ 
https://issues.apache.org/jira/browse/AMBARI-12153?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14608761#comment-14608761
 ] 

Hudson commented on AMBARI-12153:
---------------------------------

SUCCESS: Integrated in Ambari-branch-2.1 #152 (See 
[https://builds.apache.org/job/Ambari-branch-2.1/152/])
AMBARI-12153. Ambari Web should automatically log the user in if valid HTTP 
authorization header is present (Single Sign On). (yusaku) (yusaku: 
http://git-wip-us.apache.org/repos/asf?p=ambari.git&a=commit&h=1551e915b67428251bf24a1cbcff49b355be87f7)
* ambari-web/app/router.js
* ambari-admin/src/main/resources/ui/admin-web/app/scripts/services/Auth.js
* 
ambari-admin/src/main/resources/ui/admin-web/app/scripts/controllers/mainCtrl.js
* ambari-web/app/utils/ajax/ajax.js


> Ambari Web should automatically log the user in if valid HTTP authorization 
> header is present (Single Sign On)
> --------------------------------------------------------------------------------------------------------------
>
>                 Key: AMBARI-12153
>                 URL: https://issues.apache.org/jira/browse/AMBARI-12153
>             Project: Ambari
>          Issue Type: Improvement
>          Components: ambari-web
>    Affects Versions: 2.1.0
>            Reporter: Yusaku Sako
>            Assignee: Yusaku Sako
>             Fix For: 2.1.0
>
>         Attachments: AMBARI-12153.2.patch, AMBARI-12153.patch
>
>
> In some environments, Ambari is behind a gateway. When the user hits the URL 
> to load Ambari Web through the gateway, the user is prompted to log in (to 
> the gateway). After the user provides valid credentials, the gateway adds the 
> HTTP Authorization header (Basic Auth) to all subsequent requests. 
> Requesting GET API calls through the browser address bar handles SSO already 
> (the user is not explicitly asked to log in to Ambari Web) because of the 
> Authorization header. However, Ambari Web still prompts the user to log in 
> (the user has to authenticate to the gateway and Ambari Web separately). In 
> this scenario, Ambari Web should treat the user as already logged in.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to