[
https://issues.apache.org/jira/browse/KNOX-2393?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17140737#comment-17140737
]
ASF subversion and git services commented on KNOX-2393:
-------------------------------------------------------
Commit d5eb5f57f158978767da0450bc45abada49aedf2 in knox's branch
refs/heads/master from Sandeep Moré
[ https://gitbox.apache.org/repos/asf?p=knox.git;h=d5eb5f5 ]
KNOX-2393 - Update the propert name to 'sso.unauthenticated.path.list' to be
in-line with other property names (#351)
> Add a configurable list of paths that SSOCookieProvider can ignore
> ------------------------------------------------------------------
>
> Key: KNOX-2393
> URL: https://issues.apache.org/jira/browse/KNOX-2393
> Project: Apache Knox
> Issue Type: Bug
> Components: KnoxSSO
> Reporter: Sandeep More
> Assignee: Sandeep More
> Priority: Major
> Fix For: 1.4.0
>
> Time Spent: 1h 40m
> Remaining Estimate: 0h
>
> There are some cases where browser sends automatic GET requests [1] (e.g.
> favicon.ico) that can interfere with KnoxSSO flow depending on the timing of
> the requests and cause SSO page to land on favicon icon.
> This could be achieved by adding a list of path for SSO to ignore using a
> property {{gateway.knox.sso.unauthenticated.path.list}}
> e.g.
> {code:xml}
> <provider>
> <role>federation</role>
> <name>SSOCookieProvider</name>
> <enabled>true</enabled>
> <param>
> <name>sso.authentication.provider.url</name>
> <value>/gateway/knoxsso/api/v1/websso</value>
> </param>
> <param>
> <name>gateway.knox.sso.unauthenticated.path.list</name>
> <value>favicon.ico;test;unsafepath</value>
> </param>
> </provider>
> {code}
> [1] [https://bugs.chromium.org/p/chromium/issues/detail?id=39402]
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
