[
https://issues.apache.org/jira/browse/KNOX-2393?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandeep More resolved KNOX-2393.
--------------------------------
Resolution: Fixed
> Add a configurable list of paths that SSOCookieProvider can ignore
> ------------------------------------------------------------------
>
> Key: KNOX-2393
> URL: https://issues.apache.org/jira/browse/KNOX-2393
> Project: Apache Knox
> Issue Type: Bug
> Components: KnoxSSO
> Reporter: Sandeep More
> Assignee: Sandeep More
> Priority: Major
> Fix For: 1.4.0
>
> Time Spent: 1.5h
> Remaining Estimate: 0h
>
> There are some cases where browser sends automatic GET requests [1] (e.g.
> favicon.ico) that can interfere with KnoxSSO flow depending on the timing of
> the requests and cause SSO page to land on favicon icon.
> This could be achieved by adding a list of path for SSO to ignore using a
> property {{gateway.knox.sso.unauthenticated.path.list}}
> e.g.
> {code:xml}
> <provider>
> <role>federation</role>
> <name>SSOCookieProvider</name>
> <enabled>true</enabled>
> <param>
> <name>sso.authentication.provider.url</name>
> <value>/gateway/knoxsso/api/v1/websso</value>
> </param>
> <param>
> <name>gateway.knox.sso.unauthenticated.path.list</name>
> <value>favicon.ico;test;unsafepath</value>
> </param>
> </provider>
> {code}
> [1] [https://bugs.chromium.org/p/chromium/issues/detail?id=39402]
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
