[ https://issues.apache.org/jira/browse/KNOX-727?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15389590#comment-15389590 ]
Larry McCay commented on KNOX-727:
----------------------------------
[~zacblanco] - thanks for discovering this issue. We need to ensure that
applications can accept roles and that those roles can be used within the
AclsAuthz provider in order to attach ACLs to hosted applications.
Alternatively, we could try and make application *names* be used for attaching
ACLs. Role seems sort of artificial for apps, in my mind.
I am going to set the Fix Version to 0.10.0 for this.
> Authorization Support for Knox Hosted Applications
> --------------------------------------------------
>
> Key: KNOX-727
> URL: https://issues.apache.org/jira/browse/KNOX-727
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 0.9.0
> Reporter: Zachary Blanco
> Assignee: Zachary Blanco
> Fix For: 0.10.0
>
> Attachments: admin.xml, knoxsso.xml
>
>
> In the process of making an Administrator UI for Knox, I've encountered
> an issue where we can log into the app as an unauthorized user, but then fail
> to make any AJAX requests. The Ajax requests return a 403 - which is probably
> what should happen when logging into the app with an unauthorized user.
> Steps to reproduce:
> 1. Set up the Knox admin UI app using the instructions here:
> https://github.com/ZacBlanco/knox-admin-ui/blob/master/README.md
> 2. Place attached knoxsso and admin topology files under conf/topologies
> 3. Navigate to https://www.local.com:8443/gateway/admin/knox-manager
> 4. Attempt to log in with guest:guest-password
> The knox-manager page should render but in the dev console you should see
> 403-Forbidden on the Ajax requests.