Details
Description
Login/logout pages don't redirect properly when NiFi is deployed on a custom URL prefix (context). For example when deploying NiFi on custom URL like https://nifi-host/mynifi (using HAPROXY, setting nifi.web.proxy.host=mynifi), UI works perfectly (via https://nifi-host/mynifi/nifi/). Problem is with login/logout pages, which both don't seem to honor X-ProxyContextPath and after successfull login/logout they both redirect to https://nifi-host/nifi.
After some investigations made, the problem on login page seems to be in nf-login.js containing hardcoded url in lines 121-125:
if (accessStatus.status === 'ACTIVE') { // reload as appropriate - no need to schedule token refresh as the page is reloading if (top !== window) { parent.window.location = '/nifi'; } else { window.location = '/nifi'; } } else { ...
where on logout page, redirect url is composed purely using HttpServletResponse in LogoutFilter.java, 53 (without examining X-ProxyContextPath):
((HttpServletResponse) response).sendRedirect("login");
Found a similar issue with OpenID fixed few version ago, I am not sure if it is somehow related: NIFI-5237
Attachments
Issue Links
- is fixed by
-
NIFI-9060 HTTP Cookie Paths ignore Proxy Context Path Headers
- Resolved