knoxsso redirect to ambari error

abbas_kurdistan · ‎02-17-2019

i want configuration knoxsso for ambari.

(ambari integrated with openldap)

error in log file:

2019-02-17 16:25:17,090 ERROR knox.gateway (GatewayServlet.java:doFilter(174)) - Gateway processing failed: org.eclipse.jetty.io.EofException

i want know how setup knoxxsso for ambari step by step.

@Neeraj Sabharwal

rdobson · ‎02-19-2019

Hi @abbas mohammadnejad,

Have you tried the following knox setup doc? https://docs.hortonworks.com/HDPDocuments/HDP3/HDP-3.1.0/installing-knox/content/sso_set_up_knox_sso...

Kind Regards,

Richard

nixonrodrigues · ‎02-19-2019

@abbas mohammadnejad

1) From the Configs tab, scroll to find the Advanced knoxsso-topology tab and expand it.

2) Change the values for the ShiroProvider authentication provider to match the following values:

<provider>
    <role>authentication</role>
    <name>ShiroProvider</name>
    <enabled> true </enabled>
    <param>
    <name>main.ldapRealm</name>
    <value>org.apache.shiro.realm.ldap.JndiLdapRealm</value>
    </param>
    <name>main.ldapRealm.userDnTemplate</name>
    <value> $USER_DN </value>
    </param>
    <name>main.ldapRealm.contextFactory.url</name>
    <value> $protocol :// $ldaphost : $port </value>
    </param>
    <name>main.ldapRealm.contextFactory.authenticationMechanism</name>
    <value>simple</value>
    </param>
    <name>urls./**</name>
    <value> $auth_type </value>
    </param>
    <name>sessionTimeout</name>
    <value> $minutes </value>
    </param>
</provider>

3 Save the configs

abbas_kurdistan · ‎02-23-2019

hi @Nixon Rodrigues

thank you so much. for enable sso i following bellow steps:

1. install knox with ambari ui.

2. Configure Ambari Authentication for LDAP/AD.

3. Configure an LDAP/AD Identity Provider (IdP).

4. Enable Knox SSO using the Ambari CLI.

5. amabari server restart.

is necessary i setup proxy or i use the default topology ?