[jira] [Work logged] (KNOX-3192) RemoteAuthProvider should support non-ssl url

Sat, 18 Oct 2025 06:28:53 -0700 


     [ 
https://issues.apache.org/jira/browse/KNOX-3192?focusedWorklogId=987857&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-987857
 ]

ASF GitHub Bot logged work on KNOX-3192:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 18/Oct/25 08:38
            Start Date: 18/Oct/25 08:38
    Worklog Time Spent: 10m 
      Work Description: hanicz opened a new pull request, #1099:
URL: https://github.com/apache/knox/pull/1099

   [KNOX-3192](https://issues.apache.org/jira/browse/KNOX-3192) - 
RemoteAuthProvider should support non-ssl url
   
   ## What changes were proposed in this pull request?
   
   To avoid `ClassCastException` the code now check for `HttpsURLConnection` 
instance before casting. This ensures the RemoteAuthProvider works with both 
SSL and non-SSL urls.
   
   ## How was this patch tested?
   
   HTTP
   
   ```
   <role>authentication</role>
   <name>RemoteAuthProvider</name>
   <enabled>true</enabled>
   <param>
       <name>remote.auth.url</name>
       <value>http://localhost:8443/gateway/sandbox/auth/api/v1/pre</value>
   </param>
   ```
   
   ```
   curl -iku admin:admin-password 
http://localhost:8443/gateway/rap/knoxtoken/api/v2/token
   HTTP/1.1 200 OK
   Date: Sat, 18 Oct 2025 07:11:58 GMT
   Content-Type: application/json
   Content-Length: 2195
   
   
{"access_token":"eyJqa3UiOiJodHRwOi8vbG9jYWxob3N0Ojg0NDMvZ2F0ZXdheS9yYXAva25veHRva2VuL2FwaS92Mi9qd2tzLmpzb24iLCJraWQiOiJyVGNXRlZRdFhmMjNTUFZRUmhXSHNFWTR6eENDb3BuQS1aTDFRU3luUENFIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiJhZG1pbiIsImprdSI6Imh0dHA6Ly9sb2NhbGhvc3Q6ODQ0My9nYXRld2F5L3JhcC9rbm94dG9rZW4vY...
   ```
   
   HTTPS
   
   ```
   <role>authentication</role>
   <name>RemoteAuthProvider</name>
   <enabled>true</enabled>
   <param>
       <name>remote.auth.url</name>
       <value>https://localhost:8443/gateway/sandbox/auth/api/v1/pre</value>
   </param>
   ```
   
   ```
   curl -iku admin:admin-password 
https://localhost:8443/gateway/rap/knoxtoken/api/v2/token
   HTTP/1.1 200 OK
   Date: Sat, 18 Oct 2025 07:36:25 GMT
   Content-Type: application/json
   Content-Length: 2197
   
   
{"access_token":"eyJqa3UiOiJodHRwczovL2xvY2FsaG9zdDo4NDQzL2dhdGV3YXkvcmFwL2tub3h0b2tlbi9hcGkvdjIvandrcy5qc29uIiwia2lkIjoiZXY5dUNUVl96V2x0ZFYtZzduZHAtSHNUaFNGYVBkRjVmTzlfX0xhQmRibyIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiJhZG1pbiIsImprdSI6Imh0dHBzOi8vbG9jYWxob3N0Ojg0NDMvZ2F0ZXdheS9yYXAva25veHRva2VuL2FwaS92Mi9qd2tzLmpzb24i...
   ```
   




Issue Time Tracking
-------------------

            Worklog Id:     (was: 987857)
    Remaining Estimate: 0h
            Time Spent: 10m

> RemoteAuthProvider should support non-ssl url
> ---------------------------------------------
>
>                 Key: KNOX-3192
>                 URL: https://issues.apache.org/jira/browse/KNOX-3192
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: Server
>            Reporter: Sandeep More
>            Assignee: Tamás Hanicz
>            Priority: Major
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> `remote.auth.url` currently needs to be HTTPS if HTTP is used then the 
> following exception is thrown
> {code:java}
> knox Caused by: java.lang.ClassCastException: class 
> sun.net.www.protocol.http.HttpURLConnection cannot be cast to class 
> javax.net.ssl.HttpsURLConnection (sun.n │
> │ knox     at {code}
>  
> This was the configuration used:
> {code:java}
>         <provider>
>                  <role>authentication</role>
>                  <name>RemoteAuthProvider</name>
>                  <enabled>true</enabled>
>                  <param>
>                     <name>remote.auth.url</name>
>                     
> <value>http://www.local.com:8443/gateway/knoxsso/auth/api/v1/pre</value>
>                  </param> {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to