----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/70893/#review216244 -----------------------------------------------------------
Ship it! Ship It! - Don Bosco Durai On June 19, 2019, 4:22 p.m., Pradeep Agrawal wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/70893/ > ----------------------------------------------------------- > > (Updated June 19, 2019, 4:22 p.m.) > > > Review request for ranger, Ankita Sinha, bhavik patel, Gautam Borad, Abhay > Kulkarni, Madhan Neethiraj, Mehul Parikh, Nikhil P, Nitin Galave, Ramesh > Mani, Sailaja Polavarapu, and Velmurugan Periasamy. > > > Bugs: RANGER-2477 > https://issues.apache.org/jira/browse/RANGER-2477 > > > Repository: ranger > > > Description > ------- > > Ranger is unable to forward the request to Ranger if LB is SSL and KnoxSSO is > enabled and x-forwarded-host header is not forwarded from LB. Usually Ranger > expects that x-forwarded-host shall be provided by LB so current > implementation forward the request to the same host but does not change the > protocol to https if LB is also SSL(x-forwarded-proto) > > Proposed solution: proposed patch contains changes which shall replace the > x-forwarded-proto value in the request URL if request URL contains protocol > http while x-forwarded-proto value is https. > > > Diffs > ----- > > > security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSSOAuthenticationFilter.java > c3fbe9c23 > > > Diff: https://reviews.apache.org/r/70893/diff/1/ > > > Testing > ------- > > Tested knoxsso, knox proxy and ranger HA based authentications. > > > Thanks, > > Pradeep Agrawal > >
