Sandor Molnar created KNOX-1919:
-----------------------------------
Summary: Enhance redirectToUrl paremeter in knoxsso.xml
Key: KNOX-1919
URL: https://issues.apache.org/jira/browse/KNOX-1919
Project: Apache Knox
Issue Type: Improvement
Components: KnoxSSO
Reporter: Sandor Molnar
Assignee: Sandor Molnar
Fix For: 1.4.0
As of now, we provide the following {{knoxsso.xml}} sample OOTB:
{code:java}
<topology>
<gateway>
<provider>
<role>webappsec</role>
<name>WebAppSec</name>
<enabled>true</enabled>
<param>
<name>xframe.options.enabled</name>
<value>true</value>
</param>
</provider>
<provider>
<role>authentication</role>
<name>ShiroProvider</name>
<enabled>true</enabled>
...
<param>
<name>redirectToUrl</name>
<value>/gateway/knoxsso/knoxauth/login.html</value>
</param>
...
</provider>
<provider>
<role>identity-assertion</role>
<name>Default</name>
<enabled>true</enabled>
</provider>
</gateway>
<application>
<name>knoxauth</name>
</application>
<service>
<role>KNOXSSO</role>
<param>
<name>knoxsso.cookie.secure.only</name>
<value>true</value>
</param>
<param>
<name>knoxsso.token.ttl</name>
<value>-1</value>
</param>
</service>
</topology>
{code}
In case you modify the {{gateway.path}} configuration element the admin UI
won't be reachable due to the hard-coded gateway path ({{gateway}}) in
{{redirectToUrl}}.
Recommended solution:
change the current value to {{/${GATEWAY_PATH}/knoxsso/knoxauth/login.html}}
and replace the {{${GATEWAY_PATH}}} with the actual configuration value.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
