Sean Roberts created AMBARI-23095: ------------------------------------- Summary: knoxsso.redirect.whitelist.regex should not require a port number Key: AMBARI-23095 URL: https://issues.apache.org/jira/browse/AMBARI-23095 Project: Ambari Issue Type: Bug Components: stacks Affects Versions: 2.5.0, trunk, 2.6.2 Reporter: Sean Roberts
The default 'knoxsso.redirect.whitelist.regex' is set to require a port number meaning it won't work for redirects to normal HTTP and HTTPS on :80 and :443: https://github.com/apache/ambari/blob/trunk/ambari-server/src/main/resources/stacks/HDP/2.5/services/KNOX/configuration/knoxsso-topology.xml#L109-L110 {code} ^https?:\/\/(localhost|127\.0\.0\.1|0:0:0:0:0:0:0:1|::1):[0-9].*$ {code} Proposal is to make the port optional and validate that anything after the host or port starts with /. -- This message was sent by Atlassian JIRA (v7.6.3#76005)