ved-kashyap-samsung commented on PR #24481: URL: https://github.com/apache/superset/pull/24481#issuecomment-1602369340
ROOT CAUSE ANALYSIS - Actually session in superset is managed using cookies. So, session cookie must be sent automatically in any API request through request headers. Also, cookies are automatically sent to subdomains on a domain(TLD). So, following are two solutions. You can choose either. set SESSION_COOKIE_DOMAIN = 'mydomain.com' in superset_config.py This should take care of setting cookie in every request header and hence authorization will be done. Other solution is to create domain shards which should be subdomains of main domain like below. SUPERSET_WEBSERVER_DOMAINS=['dashboards.mydomain.com','1.dashboards.mydomain.com','2.dashboards.mydomain.com','3.dashboards.mydomain.com'] Note: Please delete all the session cookies for your superset top level domain and subdomains intially so that previously session cookies don't change the desired behaviour. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
