Marco may be using the Hadoop native JWTRedirectAuthenticationHandler instead of SSOCookieProvider. In which case, the original URL would require a rewrite rule for the Location header.
On Tue, Apr 24, 2018 at 12:00 PM, Sandeep More (JIRA) <j...@apache.org> wrote: > > [ https://issues.apache.org/jira/browse/KNOX-1274?page= > com.atlassian.jira.plugin.system.issuetabpanels:comment- > tabpanel&focusedCommentId=16450127#comment-16450127 ] > > Sandeep More commented on KNOX-1274: > ------------------------------------ > > Hello [~mgaido] I did a quick test and it appears to be working, did you > add the SSOCookieProvider to your topology ? > {code:java} > <provider> > <role>federation</role> > <name>SSOCookieProvider</name> > <enabled>true</enabled> > <param> > <name>sso.authentication.provider.url</name> > <value>https://www.local.com: > 8443/gateway/knoxsso/api/v1/websso</value> > </param> > </provider>{code} > Please reopen the bug if you think this is still an issue. > > > SSO redirect for Spark2 History Server needs to be rewritten > > ------------------------------------------------------------ > > > > Key: KNOX-1274 > > URL: https://issues.apache.org/jira/browse/KNOX-1274 > > Project: Apache Knox > > Issue Type: Bug > > Reporter: Marco Gaido > > Assignee: Sandeep More > > Priority: Major > > > > When Spark2 History Server is accessed through Knox gateway and Knox SSO > is configured, after the authentication, the SSO redirects to the direct > Spark History Server's URL, instead of the proxied one, ie. one gets > redirected to: {{https://knox_host:8443/gateway/knoxsso/knoxauth/ > login.html?originalUrl=http://shs_host:18081/&do....}} and so after the > login, it redirects to {{http://shs_host:18081/&doAs=...}}, instead of {{ > https://knox_host:8443/gateway/default/sparkhistory}}. > > > > -- > This message was sent by Atlassian JIRA > (v7.6.3#76005) >
