[
https://issues.apache.org/jira/browse/RANGER-5588?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18085251#comment-18085251
]
Chinmay N Hegde edited comment on RANGER-5588 at 6/1/26 3:32 PM:
-----------------------------------------------------------------
Merged into apache master :
[https://github.com/apache/ranger/commit/425605142d4800bc2cdfb72ff653c838b900f76f]
Fix is included in Apache 2.9.0 as part of this commit:
[https://github.com/apache/ranger/commit/10383b64dfb763b5a37c1a6226238fd470dd4453]
was (Author: JIRAUSER309092):
Merged into apache master :
[https://github.com/apache/ranger/commit/425605142d4800bc2cdfb72ff653c838b900f76f]
Merged into Apache 2.9.0 as part of this commit:
https://github.com/apache/ranger/commit/10383b64dfb763b5a37c1a6226238fd470dd4453
> Remove cookie based JWT authentication from JWT files
> -----------------------------------------------------
>
> Key: RANGER-5588
> URL: https://issues.apache.org/jira/browse/RANGER-5588
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Reporter: Chinmay N Hegde
> Assignee: Chinmay N Hegde
> Priority: Major
> Fix For: 3.0.0, 2.9.0
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> After the patch https://issues.apache.org/jira/browse/RANGER-5539 RANGER-5539
> : Add Authorisation Check for doAsUser Parameter
> Ranger admin login Via Knox proxy is failing and it should be fixed.
> It was failing because the knox request having hadoop-jwt cookie was passing
> to RangerJwtAuthFilter, But it shouldn't so this fix will handle this
> Also according to JWT RFC, cookie based header is not used for JWT.
> [https://datatracker.ietf.org/doc/html/rfc6750]
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
