[
https://issues.apache.org/jira/browse/KNOX-1364?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16712919#comment-16712919
]
Kevin Risden commented on KNOX-1364:
------------------------------------
This is on the latest Apache Knox 1.2.0 RC so maybe the behavior from the past
changed, but there are no Knox or JSESSIONID cookies being set.
> Cookie path should contain the topology name aswell
> ---------------------------------------------------
>
> Key: KNOX-1364
> URL: https://issues.apache.org/jira/browse/KNOX-1364
> Project: Apache Knox
> Issue Type: Improvement
> Affects Versions: 0.14.0
> Reporter: Laszlo Nardai
> Priority: Major
> Labels: Patch, review
> Fix For: 1.3.0
>
> Attachments: KNOX-1364.patch, Screen Shot 2018-12-07 at 9.19.39
> AM.png, Screen Shot 2018-12-07 at 9.20.27 AM.png
>
>
> When using knox in PROXY only mode, cookies are set with the following domain
> and path.
> *[https://sandbox-hdf.hortonworks.com:5443/gateway/local-hdf/ambari#/login*]
> I login to ambari on this URL, and I get a cookie with
> domain: sandbox-hdf.hortonworks.com
> path: gateway
> If I try to access another ambari instance through the same knox in the
> following URL:
>
> *[https://sandbox-hdf.hortonworks.com:5443/gateway/local-hdf2/ambari#/login*|https://sandbox-hdf.hortonworks.com:5443/gateway/local-hdf/ambari#/login*]
> domain: sandbox-hdf.hortonworks.com
> path: gateway
> So basically this cookie will overwrite the previous one and will trigger a
> logout from the first ambari ui.
> Proposed solution:
> include the topology name in the cookie path:
> domain: sandbox-hdf.hortonworks.com
> path: gateway/local-hdf
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
