Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ISSUE-1330: Allow jwt or knox sso as underlying authentication for SAM #1331

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

ISSUE-1330: Allow jwt or knox sso as underlying authentication for SAM #1331

wants to merge 1 commit into from

Conversation

priyank5485
Copy link
Contributor

Change-Id: I788f12ffb4e0e673d5c6edbfad90e43b9d401a6b

@priyank5485
ISSUE-1330: Allow jwt or knox sso as underlying authentication for SAM
060f6a5 
Change-Id: I788f12ffb4e0e673d5c6edbfad90e43b9d401a6b
@priyank5485
Copy link
Contributor Author

@arunmahadevan I have tested this on a cluster and it works fine. Please review. Ideally it will be good to put this in the next maint release and all release going forward.

@priyank5485 priyank5485 mentioned this pull request Dec 19, 2018
Open
arunmahadevan
arunmahadevan reviewed Dec 19, 2018
View reviewed changes
Copy link
Contributor

@arunmahadevan arunmahadevan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The change looks ok. May be good to rename the classes and related method now that it supports more than kerberos and pass the right authType to the securityContext as well.

.../hortonworks/streamline/streams/security/authentication/StreamlineKerberosRequestFilter.java
if (principal == null || !httpRequest.getAuthType().equalsIgnoreCase(KERBEROS_AUTH)) {
// We now also support Knox SSO using jwt as underlying authentication mechanism. Hence added jwt as a valid type
// Probably jwt does not sound right in this class and we are also passing KERBEROS_AUTH for jwt below where we
// instantiate a SecurityContext. That is because there are checks down the line for kerberos as well
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe then this class needs to be renamed to StreamlineAuthenticationRequestFilter and the right authType passed to the StreamlineSecurityContext as well?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@arunmahadevan arunmahadevan arunmahadevan left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@priyank5485 @arunmahadevan