[
https://issues.apache.org/jira/browse/DRILL-6663?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sorabh Hamirwasia updated DRILL-6663:
-------------------------------------
Description:
For shutdown request in index.ftl shutdown() function the request is sent to
the server using the hostname always. In secure cluster when a user is logged
in using IP address/Hostname in URL then the cookie it gets also has IP
addresss/Hostname respectively.
Now in secure cluster (not with Https enabled) when a user logs in using the ip
address and submits a shutdown request, then that POST request is sent to
server using the hostname. And since the cookie presented to the server is
using the IP address the request is rejected or ignored. Hence the server
doesn't shuts down. Whereas when user is logged in using hostname then
everything works fine.
The fix is to use [ip/hostname information from the URL rather than from the
Drillbits list table in the index.ftl
page|https://github.com/apache/drill/blob/master/exec/java-exec/src/main/resources/rest/index.ftl#L436].
When done in that way the shutdown request will always go with correct Domain
name for which it has the cookie as well.
was:
For shutdown request in index.ftl shutdown() function the request is sent to
the server using the hostname always. In secure cluster when a user is logged
in using IP address/Hostname in URL then the cookie it gets also has IP
addresss/Hostname respectively.
Now in secure cluster (not with Https enabled) when a user logs in using the ip
address and submits a shutdown request, then that POST request is sent to
server using the hostname. And since the cookie presented to the server is
using the IP address the request is rejected or ignored. Hence the server
doesn't shuts down. Whereas when user is logged in using hostname then
everything works fine.
The fix is to use [ip/hostname information from the URL rather than from the
Drillbits list table in the index.ftl
page|https://github.com/apache/drill/blob/master/exec/java-exec/src/main/resources/rest/index.ftl#L436.
When done in that way the shutdown request will always go with correct Domain
name for which it has the cookie as well.
> Shutdown not working when IP is used to load WebUI in secure cluster
> --------------------------------------------------------------------
>
> Key: DRILL-6663
> URL: https://issues.apache.org/jira/browse/DRILL-6663
> Project: Apache Drill
> Issue Type: Bug
> Components: Web Server
> Affects Versions: 1.14.0
> Reporter: Sorabh Hamirwasia
> Assignee: Venkata Jyothsna Donapati
> Priority: Major
>
> For shutdown request in index.ftl shutdown() function the request is sent to
> the server using the hostname always. In secure cluster when a user is logged
> in using IP address/Hostname in URL then the cookie it gets also has IP
> addresss/Hostname respectively.
> Now in secure cluster (not with Https enabled) when a user logs in using the
> ip address and submits a shutdown request, then that POST request is sent to
> server using the hostname. And since the cookie presented to the server is
> using the IP address the request is rejected or ignored. Hence the server
> doesn't shuts down. Whereas when user is logged in using hostname then
> everything works fine.
> The fix is to use [ip/hostname information from the URL rather than from the
> Drillbits list table in the index.ftl
> page|https://github.com/apache/drill/blob/master/exec/java-exec/src/main/resources/rest/index.ftl#L436].
> When done in that way the shutdown request will always go with correct
> Domain name for which it has the cookie as well.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
