atlas-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ATLAS-3116) Fix LDAP login, once a sign-on is made through knox SSO.
Date Tue, 09 Apr 2019 09:20:00 GMT

    [ https://issues.apache.org/jira/browse/ATLAS-3116?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16813165#comment-16813165
] 

ASF subversion and git services commented on ATLAS-3116:
--------------------------------------------------------

Commit 3781018cc9cfc71b680e4a57457315dc6083893d in atlas's branch refs/heads/branch-0.8 from
Nixon Rodrigues
[ https://gitbox.apache.org/repos/asf?p=atlas.git;h=3781018 ]

ATLAS-3116:- Changed bean scope to prototype to fix LDAP login, once a sign-on is made through
knox SSO.

Change-Id: Ia76852d1c4e13216c54d225e0cbcd1108fd2f402


> Fix LDAP login, once a sign-on is made through knox SSO.
> --------------------------------------------------------
>
>                 Key: ATLAS-3116
>                 URL: https://issues.apache.org/jira/browse/ATLAS-3116
>             Project: Atlas
>          Issue Type: Bug
>    Affects Versions: 0.8.3, 1.1.0
>            Reporter: Nixon Rodrigues
>            Assignee: Nixon Rodrigues
>            Priority: Major
>             Fix For: 0.8.4, 1.2.0, 2.0.0
>
>         Attachments: ATLAS-3116.patch
>
>
> *Background of the issue.*
>  
> Dependency of AtlasAuthenticationProvider is Injected in two place from constructor with
@Inject 1) [AtlasKnoxSSOFilter|https://github.com/apache/atlas/blob/master/webapp/src/main/java/org/apache/atlas/web/filters/AtlasKnoxSSOAuthenticationFilter.java#L102] and [AtlasSecurityConfig|https://github.com/apache/atlas/blob/master/webapp/src/main/java/org/apache/atlas/web/security/AtlasSecurityConfig.java#L72].
> After observing the hashCode of objects of the AtlasAuthenticationProvider appeared to
be same in respectively classes.
>  
> If no scope is specified single instance per container is created and thats caused the
bug described below.
>  
> The *ssoEnabled* is a property in AtlasAuthenticationProvider which set from AtlasKnoxSSOFilter
flow. Since the object reference were same, once the ssoEnabled is set true,  it apply for
LdapAuthentication flow also and the [ldap authentication flow is goes in sso block|https://github.com/apache/atlas/blob/master/webapp/src/main/java/org/apache/atlas/web/security/AtlasAuthenticationProvider.java#L92]
>  
> To fix the issue added scope prototype to AtlasAuthenticationProvider , so that different
objects are create in AtlasKnoxSSOFilter and AtlasSecurityConfig respectively.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message