[jira] [Commented] (ATLAS-3116) Fix LDAP login, once a sign-on is made through knox SSO.

Tue, 09 Apr 2019 02:22:52 -0700 


    [ 
https://issues.apache.org/jira/browse/ATLAS-3116?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16813168#comment-16813168
 ] 

ASF subversion and git services commented on ATLAS-3116:
--------------------------------------------------------

Commit c477a6f6d1899211e7a7d9b67090b20757e28578 in atlas's branch 
refs/heads/master from Nixon Rodrigues
[ https://gitbox.apache.org/repos/asf?p=atlas.git;h=c477a6f ]

ATLAS-3116:- Changed bean scope to prototype to fix LDAP login, once a sign-on 
is made through knox SSO.

Change-Id: Ia76852d1c4e13216c54d225e0cbcd1108fd2f402


> Fix LDAP login, once a sign-on is made through knox SSO.
> --------------------------------------------------------
>
>                 Key: ATLAS-3116
>                 URL: https://issues.apache.org/jira/browse/ATLAS-3116
>             Project: Atlas
>          Issue Type: Bug
>    Affects Versions: 0.8.3, 1.1.0
>            Reporter: Nixon Rodrigues
>            Assignee: Nixon Rodrigues
>            Priority: Major
>             Fix For: 0.8.4, 1.2.0, 2.0.0
>
>         Attachments: ATLAS-3116.patch
>
>
> *Background of the issue.*
>  
> Dependency of AtlasAuthenticationProvider is Injected in two place from 
> constructor with @Inject 1) 
> [AtlasKnoxSSOFilter|https://github.com/apache/atlas/blob/master/webapp/src/main/java/org/apache/atlas/web/filters/AtlasKnoxSSOAuthenticationFilter.java#L102]
>  and 
> [AtlasSecurityConfig|https://github.com/apache/atlas/blob/master/webapp/src/main/java/org/apache/atlas/web/security/AtlasSecurityConfig.java#L72].
> After observing the hashCode of objects of the AtlasAuthenticationProvider 
> appeared to be same in respectively classes.
>  
> If no scope is specified single instance per container is created and thats 
> caused the bug described below.
>  
> The *ssoEnabled* is a property in AtlasAuthenticationProvider which set from 
> AtlasKnoxSSOFilter flow. Since the object reference were same, once the 
> ssoEnabled is set true,  it apply for LdapAuthentication flow also and the 
> [ldap authentication flow is goes in sso 
> block|https://github.com/apache/atlas/blob/master/webapp/src/main/java/org/apache/atlas/web/security/AtlasAuthenticationProvider.java#L92]
>  
> To fix the issue added scope prototype to AtlasAuthenticationProvider , so 
> that different objects are create in AtlasKnoxSSOFilter and 
> AtlasSecurityConfig respectively.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to