[jira] [Work logged] (KNOX-2155) KnoxSSO should handle multiple cookies with the same name

ASF GitHub Bot (Jira) Fri, 20 Dec 2019 12:05:09 -0800


     [ 
https://issues.apache.org/jira/browse/KNOX-2155?focusedWorklogId=361841&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-361841
 ]


ASF GitHub Bot logged work on KNOX-2155:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 20/Dec/19 20:04
            Start Date: 20/Dec/19 20:04
    Worklog Time Spent: 10m 
      Work Description: moresandeep commented on pull request #227: KNOX-2155 - 
KnoxSSO should handle multiple cookies with the same name
URL: https://github.com/apache/knox/pull/227#discussion_r360553098
 
 

 ##########
 File path: 
gateway-adapter/src/main/java/org/apache/hadoop/gateway/provider/federation/jwt/filter/SSOCookieFederationFilter.java
 ##########
 @@ -38,18 +38,6 @@ protected void handleValidationError(HttpServletRequest 
request,
     super.handleValidationError(request, response, status, error);
   }
 
-  /**
-   * Encapsulate the acquisition of the JWT token from HTTP cookies within the
-   * request.
-   *
-   * @param req servlet request to get the JWT token from
-   * @return serialized JWT token
-   */
-  @Override
-  protected String getJWTFromCookie(HttpServletRequest req) {
-    return super.getJWTFromCookie(req);
-  }
-
 
 Review comment:
   It should not break backwards compatibility, looks good.
 
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
[email protected]


Issue Time Tracking
-------------------

    Worklog Id:     (was: 361841)
    Time Spent: 40m  (was: 0.5h)

> KnoxSSO should handle multiple cookies with the same name
> ---------------------------------------------------------
>
>                 Key: KNOX-2155
>                 URL: https://issues.apache.org/jira/browse/KNOX-2155
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: KnoxSSO
>            Reporter: Kevin Risden
>            Assignee: Kevin Risden
>            Priority: Major
>             Fix For: 1.4.0
>
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> Currently, when KnoxSSO checks cookies it looks at the first one with the 
> name configured. If there are multiple cookies scoped to different domains, 
> browsers will send all the cookies in the request. Knox needs to look at all 
> the cookies to evaluate if they are valid.
> References:
> * 
> https://stackoverflow.com/questions/4056306/how-to-handle-multiple-cookies-with-the-same-name



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Work logged] (KNOX-2155) KnoxSSO should handle multiple cookies with the same name

Reply via email to