[
https://issues.apache.org/jira/browse/KNOX-1364?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16712006#comment-16712006
]
Kevin Risden commented on KNOX-1364:
------------------------------------
In Knox PROXY only mode, Knox passes through all the authentication to the
Ambari backend. This would mean the Ambari cookie is the one causing the issue
and not Knox. Ambari is setting an AMBARISESSIONID cookie that is probably one
for the host and port? I looked into cookie handling as part of KNOX-1645
> Cookie path should contain the topology name aswell
> ---------------------------------------------------
>
> Key: KNOX-1364
> URL: https://issues.apache.org/jira/browse/KNOX-1364
> Project: Apache Knox
> Issue Type: Improvement
> Affects Versions: 0.14.0
> Reporter: Laszlo Nardai
> Priority: Major
> Labels: Patch, review
> Fix For: 1.3.0
>
> Attachments: KNOX-1364.patch
>
>
> When using knox in PROXY only mode, cookies are set with the following domain
> and path.
> *[https://sandbox-hdf.hortonworks.com:5443/gateway/local-hdf/ambari#/login*]
> I login to ambari on this URL, and I get a cookie with
> domain: sandbox-hdf.hortonworks.com
> path: gateway
> If I try to access another ambari instance through the same knox in the
> following URL:
>
> *[https://sandbox-hdf.hortonworks.com:5443/gateway/local-hdf2/ambari#/login*|https://sandbox-hdf.hortonworks.com:5443/gateway/local-hdf/ambari#/login*]
> domain: sandbox-hdf.hortonworks.com
> path: gateway
> So basically this cookie will overwrite the previous one and will trigger a
> logout from the first ambari ui.
> Proposed solution:
> include the topology name in the cookie path:
> domain: sandbox-hdf.hortonworks.com
> path: gateway/local-hdf
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
