Yusaku Sako created AMBARI-12153:
------------------------------------
Summary: Ambari Web should automatically log the user in if valid
HTTP authorization header is present (Single Sign On)
Key: AMBARI-12153
URL: https://issues.apache.org/jira/browse/AMBARI-12153
Project: Ambari
Issue Type: Improvement
Components: ambari-web
Affects Versions: 2.1.0
Reporter: Yusaku Sako
Assignee: Yusaku Sako
Fix For: 2.1.0
In some environments, Ambari is behind a gateway. When the user hits the URL to
load Ambari Web through the gateway, the user is prompted to log in (to the
gateway). After the user provides valid credentials, the gateway adds the HTTP
Authorization header (Basic Auth) to all subsequent requests.
Requesting GET API calls through the browser address bar handles SSO already
(the user is not explicitly asked to log in to Ambari Web) because of the
Authorization header. However, Ambari Web still prompts the user to log in (the
user has to authenticate to the gateway and Ambari Web separately). In this
scenario, Ambari Web should treat the user as already logged in.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
