ved-kashyap-samsung opened a new pull request, #24481: URL: https://github.com/apache/superset/pull/24481
<!--- Please write the PR title following the conventions at https://www.conventionalcommits.org/en/v1.0.0/ Example: fix(dashboard): load charts correctly --> ### SUMMARY <!--- Describe the change below, including rationale and design decisions --> Fix for issue - https://github.com/apache/superset/issues/23295 After enabling the domain sharding as follows ENABLE_CORS = True CORS_OPTIONS = { 'supports_credentials': True, 'allow_headers': '*', 'resources': '*', 'origins': ['https://dashboards.mydomain.com','https://dashboards1.mydomain.com','https://dashboards2.mydomain.com','https://dashboards3.mydomain.com'] } SUPERSET_WEBSERVER_DOMAINS=['dashboards.mydomain.com','dashboards1.mydomain.com','dashboards2.mydomain.com','dashboards3.mydomain.com'] All 4 webserver domains are set via DNS A record to the same IP address. When navigating to a dashboard, I can see in the Edge devtools, that the /api/v1/chart/data requests are sent to all webserver domains. However, they all fail with "401" (unauthenticated). I can also see, that some of the requests have a response set to {"msg":"Missing Authorization Header"}. ### EXPECTED RESULT Domain sharding uses the 4 configured webserver domains for requesting data - and uses the session cookie of original domain for authentication. ### ACTUAL RESULT The authentication of the non-original webserver domains does not work and the requests are not authenticated. ### TESTING INSTRUCTIONS <!--- Required! What steps can be taken to manually verify the changes? --> Please verify changes from my fork. After setting the `SESSION_COOKIE_DOMAIN` to main domain in `superset_config.py` authrization should work on all the domain shards. ### ADDITIONAL INFORMATION <!--- Check any relevant boxes with "x" --> <!--- HINT: Include "Fixes #nnn" if you are fixing an existing issue --> - [x] Has associated issue: Fixes https://github.com/apache/superset/issues/23295 - [ ] Required feature flags: - [ ] Changes UI - [ ] Includes DB Migration (follow approval process in [SIP-59](https://github.com/apache/superset/issues/13351)) - [ ] Migration is atomic, supports rollback & is backwards-compatible - [ ] Confirm DB migration upgrade and downgrade tested - [ ] Runtime estimates and downtime expectations provided - [ ] Introduces new feature or API - [ ] Removes existing feature or API -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
