[
https://issues.apache.org/jira/browse/ATLAS-3116?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nixon Rodrigues updated ATLAS-3116:
-----------------------------------
Description:
*Background of the issue.*

The AtlasAuthenticationProvider dependency is injected in two places via constructor with @Inject: 1)
[AtlasKnoxSSOFilter|https://github.com/apache/atlas/blob/master/webapp/src/main/java/org/apache/atlas/web/filters/AtlasKnoxSSOAuthenticationFilter.java#L102]
and 2)
[AtlasSecurityConfig|https://github.com/apache/atlas/blob/master/webapp/src/main/java/org/apache/atlas/web/security/AtlasSecurityConfig.java#L72].
On observing the hashCode of the AtlasAuthenticationProvider objects, they
appeared to be the same in the respective classes.

If no scope is specified, a single instance per container is created, and that
is what caused the bug described below.

The *ssoEnabled* is a property in AtlasAuthenticationProvider which is set from
the AtlasKnoxSSOFilter flow. Since the object references were the same, once
ssoEnabled is set to true, it applies to the LdapAuthentication flow also, and the
[ldap authentication flow goes into the sso
block|https://github.com/apache/atlas/blob/master/webapp/src/main/java/org/apache/atlas/web/security/AtlasAuthenticationProvider.java#L92].

To fix the issue, scope prototype was added to AtlasAuthenticationProvider, so that
different objects are created in AtlasKnoxSSOFilter and AtlasSecurityConfig
respectively.
> Fix LDAP login, once a sign-on is made through knox SSO.
> --------------------------------------------------------
>
> Key: ATLAS-3116
> URL: https://issues.apache.org/jira/browse/ATLAS-3116
> Project: Atlas
> Issue Type: Bug
> Affects Versions: 0.8.3, 1.1.0
> Reporter: Nixon Rodrigues
> Assignee: Nixon Rodrigues
> Priority: Major
> Fix For: 0.8.4, 1.2.0, 2.0.0
>
> Attachments: ATLAS-3116.patch
>
>
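
The shared-instance effect described in the issue, as an added example that is not Atlas code: a dependency-free Java model in which `Provider`, `SsoFilter`, `SecurityConfig` and `branchAfterSso` are hypothetical stand-ins, and a `Supplier` plays the role of the container's singleton or prototype scope.

```java
import java.util.function.Supplier;

public class ScopeDemo {
    // Simplified stand-in for a provider whose mutable flag selects the auth branch.
    static class Provider {
        private boolean ssoEnabled;
        void setSsoEnabled(boolean enabled) { ssoEnabled = enabled; }
        String authenticate(String user) {
            return ssoEnabled ? "sso-branch" : "ldap-branch";
        }
    }

    // SSO path: flips the flag on whichever instance it was handed.
    static class SsoFilter {
        private final Provider provider;
        SsoFilter(Provider provider) { this.provider = provider; }
        void onSsoLogin() { provider.setSsoEnabled(true); }
    }

    // Form/LDAP login path: authenticates through whichever instance it was handed.
    static class SecurityConfig {
        private final Provider provider;
        SecurityConfig(Provider provider) { this.provider = provider; }
        String formLogin(String user) { return provider.authenticate(user); }
    }

    // Wires both consumers from one source, performs an SSO sign-on, and
    // returns the branch that a later form login takes.
    static String branchAfterSso(Supplier<Provider> source) {
        SsoFilter filter = new SsoFilter(source.get());
        SecurityConfig config = new SecurityConfig(source.get());
        filter.onSsoLogin();
        return config.formLogin("alice"); // constructed sample user
    }

    public static void main(String[] args) {
        Provider shared = new Provider();
        // Singleton scope: both consumers receive the same object.
        System.out.println("singleton: " + branchAfterSso(() -> shared));
        // Prototype scope: each injection point receives a fresh object.
        System.out.println("prototype: " + branchAfterSso(Provider::new));
    }
}
```

With the shared instance the form login lands in the SSO branch once the flag has been set; with one instance per injection point the flag stays local to the SSO filter and the form login remains on the LDAP branch.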