[jira] [Commented] (KNOX-1919) Enhance redirectToUrl parameter handling in knoxsso.xml

[ASF subversion and git services (JIRA)]

    [ 
https://issues.apache.org/jira/browse/KNOX-1919?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16882247#comment-16882247
 ] 

ASF subversion and git services commented on KNOX-1919:
-------------------------------------------------------

Commit e90beeaa4624129de936991284f3caa6f67ac652 in knox's branch 
refs/heads/master from Sandor Molnar
[ https://gitbox.apache.org/repos/asf?p=knox.git;h=e90beea ]

KNOX-1919 - Taking gateway.path into consideration when processing 
redirectToUrl provider param with the OOTB knoxsso.xml sample (#113)



> Enhance redirectToUrl parameter handling in knoxsso.xml
> -------------------------------------------------------
>
>                 Key: KNOX-1919
>                 URL: https://issues.apache.org/jira/browse/KNOX-1919
>             Project: Apache Knox
>          Issue Type: Improvement
>          Components: KnoxSSO
>            Reporter: Sandor Molnar
>            Assignee: Sandor Molnar
>            Priority: Major
>             Fix For: 1.4.0
>
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> As of now, we provide the following {{knoxsso.xml}} sample OOTB:
> {code:java}
> <topology>
>     <gateway>
>         <provider>
>             <role>webappsec</role>
>             <name>WebAppSec</name>
>             <enabled>true</enabled>
>             <param>
>                 <name>xframe.options.enabled</name>
>                 <value>true</value>
>             </param>
>         </provider>
>         <provider>
>             <role>authentication</role>
>             <name>ShiroProvider</name>
>             <enabled>true</enabled>
>             ...
>             <param>
>                 <name>redirectToUrl</name>
>                 <value>/gateway/knoxsso/knoxauth/login.html</value>
>             </param>
>             ...
>         </provider>
>         <provider>
>             <role>identity-assertion</role>
>             <name>Default</name>
>             <enabled>true</enabled>
>         </provider>
>     </gateway>
>     <application>
>         <name>knoxauth</name>
>     </application>
>     <service>
>         <role>KNOXSSO</role>
>         <param>
>             <name>knoxsso.cookie.secure.only</name>
>             <value>true</value>
>         </param>
>         <param>
>             <name>knoxsso.token.ttl</name>
>             <value>-1</value>
>         </param>
>     </service>
> </topology>
> {code}
> In case you modify the {{gateway.path}} configuration element the admin UI 
> won't be reachable due to the hard-coded gateway path ({{gateway}}) in 
> {{redirectToUrl}}.
> Recommended solution:
> change the current value to {{/${GATEWAY_PATH}/knoxsso/knoxauth/login.html}} 
> and replace the {{${GATEWAY_PATH}}} with the actual configuration value.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)