[KNOX-2393] Add a configurable list of paths that SSOCookieProvider can ignore - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.4.0
Component/s: KnoxSSO
Labels:
None

Description

There are some cases where browser sends automatic GET requests [1] (e.g. favicon.ico) that can interfere with KnoxSSO flow depending on the timing of the requests and cause SSO page to land on favicon icon.

This could be achieved by adding a list of path for SSO to ignore using a property gateway.knox.sso.unauthenticated.path.list

e.g.

   <provider>
           <role>federation</role>
           <name>SSOCookieProvider</name>
           <enabled>true</enabled>
           <param>
              <name>sso.authentication.provider.url</name>
              <value>/gateway/knoxsso/api/v1/websso</value>
           </param>
           <param>
              <name>sso.unauthenticated.path.list</name>
              <value>favicon.ico;test;unsafepath</value>
           </param>
    </provider>

[1] https://bugs.chromium.org/p/chromium/issues/detail?id=39402

Attachments

Issue Links

relates to

KNOX-2387 KnoxSSO broken on recent Chrome browsers (version > 80)

Resolved

links to

GitHub Pull Request #349

GitHub Pull Request #351

Activity

People

Assignee:: Sandeep More

Reporter:: Sandeep More

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 18/Jun/20 17:03

Updated:: 19/Jun/20 18:16

Resolved:: 19/Jun/20 17:53

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

1h 50m