Yes, that is correct. It is a protection against being redirected to pages that may do something malicious like phishing, etc. That should be documented in the users guide: http://knox.apache.org/books/knox-0-8-0/user-guide.html#KnoxSSO+Configuration+Parameters
On Thu, Mar 24, 2016 at 12:58 AM, hdp <[email protected]> wrote: > I also found that *knoxsso.redirect.whitelist.regex * should be configed > in knoxSSO else it can only try to redirect to localhost, which make it > impossible to reference in a production usage. > > Thanks > Tony > > > > At 2016-03-23 09:58:04, "larry mccay" <[email protected]> wrote: > > Yes, that typo has to be fixed as well. > That class is in the Hadoop code based and is shown as an example of how > to configure the Hadoop UIs to accept the SSO cookie created by KnoxSSO. It > will be in the Hadoop 2.8 release and is also available on trunk. > > It can be used as an example of a filter for integration. > > You can also use the SSOCookieProvider which is discussed in the dev guide. > > The documentation for 0.7/8/9.0 have been updated to fix what you pointed > out. > > I will be circling back to fix the typos and rendering issues with all of > the apostrophes as well. > > On Tue, Mar 22, 2016 at 9:19 PM, hdp <[email protected]> wrote: > >> Hi Larry >> Thanks for updating the document for knox0.7. Please also note that knox >> 0.8 document has same issue. >> >> And I found the following in knox0.7 KnoxSSO+Integration: >> >> <value>org.apache.hadoop/security.authentication/server.JWTRedirectAuthenticationHandler</value> >> >> Is this a typo? It should be >> org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler? >> I did not found the class of JWTRedirectAuthenticationHandler in knox 0.7 >> lib and its dependency, hadoop-auth-2.2.0.jar ; neither knox0.8. >> >> Thanks >> >> >> >> >> At 2016-03-23 00:14:38, "larry mccay" <[email protected]> wrote: >> >> Hi Tony - >> >> Please see: >> http://knox.apache.org/books/knox-0-7-0/dev-guide.html#KnoxSSO+Integration >> for the missing documentation. >> >> I will need to circle back and some content rendering and review the docs >> again very closely but this should provide you with an overview of >> integrating applications with KnoxSSO. >> >> thanks, >> >> --larry >> >> On Tue, Mar 22, 2016 at 8:55 AM, larry mccay <[email protected]> wrote: >> >>> Hi Tony - >>> >>> I will take a look at the docs and get the missing information added - >>> thank you for pointing it out. >>> >>> If you provide some information regarding exactly what you are looking >>> to accomplish, I can give you more specific instructions. >>> >>> Thanks, >>> >>> --larry >>> >>> On Tue, Mar 22, 2016 at 4:53 AM, hdp <[email protected]> wrote: >>> >>>> How can I make knox 0.7 SSO work? >>>> The user's guide (KnoxSSO Setup and Configuration ->Introduction) says >>>> "We also provide integration guidance within the developers guide for other >>>> applications to be able to participate in these SSO capabilities." . But I >>>> did not find the how to make application participate in SSO in the >>>> developer's guide. >>>> >>>> The use's guide also says "[Please see the integration guide for >>>> instructions in adding support for new applications.] >>>> " . I did not the integration guide either. >>>> >>>> Can some one give a workable example for setting up knox -SSO? >>>> >>>> Thanks >>>> Tony Huang >>>> >>>> >>>> >>>> >>> >>> >> >> >> >> > > > > >
