[
https://issues.apache.org/jira/browse/AMBARI-24536?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16591599#comment-16591599
]
Sean Roberts commented on AMBARI-24536:
---------------------------------------
[~rlevas] As discussed on Chat, Auth Negotiation is a standard part of HTTP. It
is very common to support multiple auth methods. And is major requirement for
supporting humans while supporting automation (i.e. automated connections use
kerberos, clients use kerberos or password).
> Ambari SPNEGO breaks SSO redirect
> ---------------------------------
>
> Key: AMBARI-24536
> URL: https://issues.apache.org/jira/browse/AMBARI-24536
> Project: Ambari
> Issue Type: Bug
> Components: ambari-server, security
> Affects Versions: 2.6.0
> Reporter: Sean Roberts
> Assignee: Robert Levas
> Priority: Major
> Labels: kerberos, security, spnego, sso
>
> When SPNEGO is enabled (`ambari-server setup-kerberos`), the SSO
> (`ambari-server setup-sso`) redirect no longer works.
> How to reproduce:
> # Enable SSO `ambari-server setup-sso`
> # `ambari-server restart`
> # Visit Ambari and notice that you are redirected to the SSO system (i.e.
> Knox)
> # Enable SPNEGO `ambari-server setup-kerberos`
> # `ambari-server restart`
> # Visit Ambari and notice that you are *NOT redirected* to the SSO system
> (i.e. Knox)
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
