[
https://issues.apache.org/jira/browse/ATLAS-5063?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Aditya Gupta updated ATLAS-5063:
--------------------------------
Description:
# Previously, In the case of Atlas UI, the 'log out' button would redirect the
user to the Knox session termination page but won't actually log out the user.
# Hitting the back button would take the user to the logged in Atlas UI.
# If user does log out, from backend Atlas will check if the request is knox
sso one or not. Accordingly that api will send response to UI.
# And from UI end, it will be redirected to the new implemented logout page.
# To handle this, a new checkSso API is introduced to determine if the session
is SSO-based by checking the presence of the hadoop-jwt cookie.
# Based on the response (true or false), the frontend now redirects either to
a default action page (for SSO sessions) or to the traditional login.jsp.
# Additionally, a CustomLogoutSuccessHandler has been added for proper logout
handling. Changes were also made to AtlasKnoxSSOAuthenticationFilter to support
this logic.
# Some changes were done in AtlasSecurityConfig for logout.
was:
Earlier:
In the case of Atlas UI, the 'log out' button would redirect the user to the
Knox session termination page but won't actually log out the user.
Hitting the back button would take the user to the logged in Atlas UI.
If user does log out, from backend Atlas will check if the request is knox sso
one or not. Accordingly that api will send response to UI.
And from UI end, it will be redirected to the new implemented logout page.
Later:
Previously, logging out of Atlas when accessed via Knox led to a blank page.
To handle this, a new checkSso API is introduced to determine if the session is
SSO-based by checking the presence of the hadoop-jwt cookie.
Based on the response (true or false), the frontend now redirects either to a
default action page (for SSO sessions) or to the traditional login.jsp.
Additionally, a CustomLogoutSuccessHandler has been added for proper logout
handling. Changes were also made to AtlasKnoxSSOAuthenticationFilter to support
this logic.
Some changes were done in AtlasSecurityConfig for logout.
> Atlas[Backend] Fix for improving logout mechanism in Atlas Backend code base
> ----------------------------------------------------------------------------
>
> Key: ATLAS-5063
> URL: https://issues.apache.org/jira/browse/ATLAS-5063
> Project: Atlas
> Issue Type: Improvement
> Components: atlas-core
> Reporter: Aditya Gupta
> Assignee: Aditya Gupta
> Priority: Major
>
> # Previously, In the case of Atlas UI, the 'log out' button would redirect
> the user to the Knox session termination page but won't actually log out the
> user.
> # Hitting the back button would take the user to the logged in Atlas UI.
> # If user does log out, from backend Atlas will check if the request is knox
> sso one or not. Accordingly that api will send response to UI.
> # And from UI end, it will be redirected to the new implemented logout page.
> # To handle this, a new checkSso API is introduced to determine if the
> session is SSO-based by checking the presence of the hadoop-jwt cookie.
> # Based on the response (true or false), the frontend now redirects either
> to a default action page (for SSO sessions) or to the traditional login.jsp.
> # Additionally, a CustomLogoutSuccessHandler has been added for proper
> logout handling. Changes were also made to AtlasKnoxSSOAuthenticationFilter
> to support this logic.
> # Some changes were done in AtlasSecurityConfig for logout.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
