Good to hear! On Mon, Oct 2, 2017 at 8:54 AM, Colm O hEigeartaigh <cohei...@apache.org> wrote:
> Thanks Larry! The issue was that Ranger didn't have SSL enabled, all > working correctly now. > > Colm. > > On Mon, Oct 2, 2017 at 1:23 PM, larry mccay <lmc...@apache.org> wrote: > > > If the cookie isn't being presented then it is likely not in the same > > domain. > > This is required for cookie based solutions. > > > > Otherwise, it could be set to secure only and ranger doesn't have SSL > > enabled. > > > > 1. redirecting.jsp gets around same origin issue when redirecting to > > something that isn't being proxied as well > > 2. it has to be checked twice to ensure that no one was intercepted and > > changed the redirect page to a phishing page > > > > > > On Mon, Oct 2, 2017 at 7:21 AM, Colm O hEigeartaigh <cohei...@apache.org > > > > wrote: > > > > > Hi, > > > > > > I'm testing using KNOXSSO with Apache Ranger, unsuccessfully thus far. > I > > am > > > getting redirected back to Ranger, but apparently without the cookie, > and > > > Ranger is redirecting back to Knox again. > > > > > > Two initial questions: > > > > > > 1) I've noticed is that it is invoking 'redirecting.jsp' back to > Ranger, > > > but this is not invoked when starting from a Knox topology. Why is > this? > > > > > > 2) When 'redirecting.jsp' is used, we are checking the whitelist twice > > > (once in WebSSOResource and once in redirecting.jsp). Is the check in > > > redirecting.jsp really necessary (it also means that > > > 'knoxsso.redirect.whitelist.regex' must be configured, using the > default > > > doesn't work). > > > > > > Colm. > > > > > > > > > -- > > > Colm O hEigeartaigh > > > > > > Talend Community Coder > > > http://coders.talend.com > > > > > > > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com >
