Thanks Nick. If I find a solution I'll share that with the community. It might be PEBCAK, that remains to figure out.
;-) -- Tom Yerex Cybersecurity Analyst, Information Technology Cybersecurity | CISO Office The University of British Columbia | Musqueam Traditional Territory Ponderosa Office Annex A | Vancouver BC | V6T1Z2 Canada Phone 604 822 6531 Privacy Matters @ UBC On 2020-04-01 07:05:57-07:00 Nick Allen wrote: I am not sure Tom. Wish I could help. I'd suggest also asking on the Apache Knox help forums. On Sat, Mar 28, 2020 at 2:27 AM Yerex, Tom <[email protected]<mailto:[email protected]>> wrote: Good evening, Working with the instructions from hxxps://github.com/apache/metron/tree/master/metron-interface<http://github.com/apache/metron/tree/master/metron-interface> This is a new installation and we are using LDAP with Metron and now attempting to use Knox for access control. Using Apache Metron Management and Alerts UI directly, the login works with LDAP credentials. When I try to access Metron Alerts or Management UI through the Apache Knox Gateway, it seems to get locked into an infinite refresh loop after authentication is successful. I am not sure if this has any bearing, we are using a self-signed certificate, although Metron Alerts and Management UI are simply over the standard ports with no SSL enabled. I have worked with Angular using nginx as a reverse-proxy for multiple Angular sites, and vaguely recall similar behaviour due to the way node must be made aware of the new URL path. For example, Angular/node expects the main URL to be "/", but when a reverse-proxy is applied the path may change to become "/site1/", and so additional steps need to be taken. I'm still not familiar enough with Knox, so I'm hoping someone else has faced this problem and can offer insight. Thank you, Tom.
