Description
As of now, we provide the following knoxsso.xml sample OOTB:
<topology>
<gateway>
<provider>
<role>webappsec</role>
<name>WebAppSec</name>
<enabled>true</enabled>
<param>
<name>xframe.options.enabled</name>
<value>true</value>
</param>
</provider>
<provider>
<role>authentication</role>
<name>ShiroProvider</name>
<enabled>true</enabled>
...
<param>
<name>redirectToUrl</name>
<value>/gateway/knoxsso/knoxauth/login.html</value>
</param>
...
</provider>
<provider>
<role>identity-assertion</role>
<name>Default</name>
<enabled>true</enabled>
</provider>
</gateway>
<application>
<name>knoxauth</name>
</application>
<service>
<role>KNOXSSO</role>
<param>
<name>knoxsso.cookie.secure.only</name>
<value>true</value>
</param>
<param>
<name>knoxsso.token.ttl</name>
<value>-1</value>
</param>
</service>
</topology>
In case you modify the gateway.path configuration element the admin UI won't be reachable due to the hard-coded gateway path (gateway) in redirectToUrl.
Recommended solution:
change the current value to /${GATEWAY_PATH}/knoxsso/knoxauth/login.html and replace the ${GATEWAY_PATH} with the actual configuration value.
Attachments
Issue Links
- is related to
-
KNOX-1955 Admin UI should handle gateway.path change
-
- Resolved
-
- links to
