[
https://issues.apache.org/jira/browse/KNOX-49?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kevin Minder resolved KNOX-49.
------------------------------
Resolution: Fixed
Fix Version/s: 0.3.0
Assignee: Kevin Minder
Fixed by f0ba7ca155b65de67c81ac0e9979c17a52a56caf
> Prevent Shiro rememberMe cookie from being returned
> ---------------------------------------------------
>
> Key: KNOX-49
> URL: https://issues.apache.org/jira/browse/KNOX-49
> Project: Apache Knox
> Issue Type: Improvement
> Components: Server
> Reporter: Kevin Minder
> Assignee: Kevin Minder
> Fix For: 0.3.0
>
>
> From BUG-4327
> We are using Apache Shiro (http://shiro.apache.org/) as our authentication
> plug point. The integration is in the gateway-provider-security-shiro module.
> This is working well for our LDAP authentication. However there is a built in
> feature of Shiro called 'Remember Me' that is causing an extra cookie (TODO)
> to be sent back to the clients. We are also returning a Hadoop specific
> cookie. We would like to ensure that only the Hadoop specific cookie is
> returned to the client and not the Shiro RememberMe cookie. I also noticed
> that we are returning a JSESSIONID cookie that we probably don't want either.
> Below is debug output from the test
> gateway-server/src/test/java/org/apache/hadoop/gateway/GatewayBasicFuncTest.testBasicHdfsUseCase
> DEBUG org.apache.http.wire << "Set-Cookie:
> JSESSIONID=ys17oigu62yv1s6uj34djxrp5;Path=/gateway/cluster\r\n"
> DEBUG org.apache.http.wire << "Set-Cookie: rememberMe=deleteMe;
> Path=/gateway/cluster; Max-Age=0; Expires=Tue, 05-Mar-2013 20:12:23 GMT\r\n"
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
