-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72251/
-----------------------------------------------------------
(Updated March 20, 2020, 7:15 p.m.)
Review request for ranger, Abhay Kulkarni, Mehul Parikh, Nitin Galave, Ramesh
Mani, and Velmurugan Periasamy.
Changes
-------
Setting ssoEnabled flag in the user session if request is from trusted proxy
case or if the request is from knox sso case.
Bugs: RANGER-2762
https://issues.apache.org/jira/browse/RANGER-2762
Repository: ranger
Description
-------
Made code changes to check if the browser requests are coming from knox when
trusted proxy is enabled before applying proper authentication filters. Also
labeled the browser session as "sso enabled" when session is created for knox
trusted proxy case. This label is used for handling logout from ranger UI and
redirect to appropriate page.
Diffs (updated)
-----
security-admin/src/main/java/org/apache/ranger/biz/SessionMgr.java ce09c36eb
security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKrbFilter.java
b7b2b2ab3
security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
99fb21f59
Diff: https://reviews.apache.org/r/72251/diff/2/
Changes: https://reviews.apache.org/r/72251/diff/1-2/
Testing
-------
1. Tested browser requests with and without knox trusted proxy enabled
2. Also verified few regression cases.
Thanks,
Sailaja Polavarapu
