KNOX-2412 - Add Logout Link to Home Page for Select Authentication Pr…#372
Conversation
…oviders Change-Id: I963d526cc560d0e2e00745c9b42c7ad63ed29450
smolnar82
left a comment
smolnar82
left a comment
There was a problem hiding this comment.
It looks really good; I only have some minor comments and questions to address.
| <dependency> | ||
| <groupId>org.apache.knox</groupId> | ||
| <artifactId>gateway-service-metadata</artifactId> | ||
| <artifactId>gateway-service-session</artifactId> |
There was a problem hiding this comment.
Why not add the new service as a separate dependency?
There was a problem hiding this comment.
Don't know what you mean here.
There was a problem hiding this comment.
Not sure why the patch only shows up like this but the original gateway-service-metadata is still in there. I had originally copy and pasted it but forgot to change the name then went back and changed it. The merged file looks fine.
| private static final String DEFAULT_SSO_COOKIE_NAME = "hadoop-jwt"; | ||
|
|
||
| static final String RESOURCE_PATH = "/api/v1/webssout"; | ||
| static final String RESOURCE_PATH = "knoxssout/api/v1/webssout"; |
There was a problem hiding this comment.
I don't get why do we need the knoxssout. This change makes the SSOUT API inconsistent with the rest of the APIs.
There was a problem hiding this comment.
Not all of the other APIs do that. It was done that way for APIs that were initially intended to be deployed to a single dedicated topology. Like the admin.xml.
| import org.apache.knox.gateway.security.SubjectUtils; | ||
|
|
||
| @Singleton | ||
| @Path("session/api/v1/") |
There was a problem hiding this comment.
Perhaps changing this to api/v1/session to be consistent with another API endpoints?
There was a problem hiding this comment.
I don't believe so - this is the session API, for now there is a sessioninfo but we could potentially add other things to it. It can be added to any topology and addressed via the session context path.
| console.debug('SessionInformationComponent --> getUser() --> dr.who'); | ||
| return 'dr.who'; |
There was a problem hiding this comment.
dr.who is common in Hadoop world. While I don't like it - it is better than the UI saying "Welcome null". :)
| // window.alert('Are you sure???'); | ||
| console.debug('SessionInformationComponent --> attempting logout() --> '); | ||
| if (this.sessionInformation) { | ||
| if (this.getLogoutUrl() == null) { |
There was a problem hiding this comment.
I'd use this.logoutSupported so that the logic if logout is supported happens in one place only (in setSessionInformation).
There was a problem hiding this comment.
Good point. I'll make that change - thanks!
| console.debug('SessionInformationComponent --> attempting logout() --> '); | ||
| if (this.sessionInformation) { | ||
| if (this.getLogoutUrl() == null) { | ||
| window.alert('Logout for the configured is IDP not supported.\nPlease close all browser windows to logout.'); |
There was a problem hiding this comment.
There is a more elegant way of notifying the end-users: using a module called sweetalert (https://www.npmjs.com/package/sweetalert). It's been used both on the Admin UI and on the Home Page. See this usage for instance:
https://github.com/apache/knox/blob/master/knox-homepage-ui/home/app/homepage.service.ts#L81
There was a problem hiding this comment.
This isn't being used now since it doesn't render the button at all for now. I'm not sure which is better which is why I left it here for now. A missing logout button may seem like a bug but a logout button that doesn't log you out may be bad as well. At least it is known to be intentional and provides some insights though. Planned to follow up with discussion on this. If we go that route we can use sweetalert instead for sure.
Change-Id: If29679793a5ae4629b1f3788459baf5682fe8c35
…tication Pr… (apache#372) * KNOX-2412 - Add Logout Link to Home Page for Select Authentication Providers Change-Id: If7a3acf3a9094b2aa528de9aa1edf3df86b9ef30
* changes: CDPD-14138 KNOX-2408 - Improved AliasBasedTokenState service and house-keeping (apache#371) CDPD-14898 KNOX-2412 - Add Logout Link to Home Page for Select Authentication Pr… (apache#372) CDPD-14138 KNOX-2402 - Adding Gateway performance testing (apache#365)
2 participants
What changes were proposed in this pull request?
Planned for Future
How was this patch tested?
The following has homePageLogoutEnabled=false