[jira] [Work logged] (KNOX-1191) Implement Azure AD support for Knox SSO

Fri, 22 Feb 2019 10:03:13 -0800 


     [ 
https://issues.apache.org/jira/browse/KNOX-1191?focusedWorklogId=202769&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-202769
 ]

ASF GitHub Bot logged work on KNOX-1191:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 22/Feb/19 18:02
            Start Date: 22/Feb/19 18:02
    Worklog Time Spent: 10m 
      Work Description: risdenk commented on pull request #57: KNOX-1191 - 
Azure AD support for KnoxSSO
URL: https://github.com/apache/knox/pull/57#discussion_r259449645
 
 

 ##########
 File path: 
gateway-provider-security-pac4j/src/main/java/org/apache/knox/gateway/pac4j/filter/Pac4jDispatcherFilter.java
 ##########
 @@ -160,8 +179,17 @@ public void init( FilterConfig filterConfig ) throws 
ServletException {
       } else {
         clientName = clientNameParameter;
       }
+
+      /* special handling for Azure AD, use path separators instead of query 
params */
+      clients.forEach( client -> {
+        if(client.getName().equalsIgnoreCase(PAC4J_AZURE_AD_CLIENT)) {
+          ((AzureAdClient)client).setCallbackUrlResolver(new 
PathParameterCallbackUrlResolver());
 
 Review comment:
   `PAC4J_AZURE_AD_CLIENT` - seems weird to me. I think this needs to match the 
name of the `AzureAdClient` class? Can we do something like 
`AzureAdClient.class.getName()` instead of the magic constant?
   
   Commenting here since this is where it finally made sense that the value of 
`PAC4J_AZURE_AD_CLIENT` should match `AzureAdClient`
 
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
[email protected]


Issue Time Tracking
-------------------

    Worklog Id:     (was: 202769)
    Time Spent: 0.5h  (was: 20m)

> Implement Azure AD support for Knox SSO
> ---------------------------------------
>
>                 Key: KNOX-1191
>                 URL: https://issues.apache.org/jira/browse/KNOX-1191
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: KnoxSSO
>            Reporter: Sandeep More
>            Assignee: Sandeep More
>            Priority: Major
>             Fix For: 1.3.0
>
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> Due to the way Azure AD mangles the callback URL, Knox
> Pac4jDispatcherFilter has issues intercepting the callback url and the 
> request ends up in a redirect loop.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to