Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

knoxsso redirect to ambari error

Highlighted

knoxsso redirect to ambari error

New Contributor

i want configuration knoxsso for ambari.

(ambari integrated with openldap)

error in log file:

2019-02-17 16:25:17,090 ERROR knox.gateway (GatewayServlet.java:doFilter(174)) - Gateway processing failed: org.eclipse.jetty.io.EofException

i want know how setup knoxxsso for ambari step by step.

@Neeraj Sabharwal

3 REPLIES 3

Re: knoxsso redirect to ambari error

Cloudera Employee

Re: knoxsso redirect to ambari error

Expert Contributor

@abbas mohammadnejad

1) From the Configs tab, scroll to find the Advanced knoxsso-topology tab and expand it.

2) Change the values for the ShiroProvider authentication provider to match the following values:


<provider>
    <role>authentication</role>
    <name>ShiroProvider</name>
    <enabled> true </enabled>
    <param>
    <name>main.ldapRealm</name>
    <value>org.apache.shiro.realm.ldap.JndiLdapRealm</value>
    </param>
    <name>main.ldapRealm.userDnTemplate</name>
    <value> $USER_DN </value>
    </param>
    <name>main.ldapRealm.contextFactory.url</name>
    <value> $protocol :// $ldaphost : $port </value>
    </param>
    <name>main.ldapRealm.contextFactory.authenticationMechanism</name>
    <value>simple</value>
    </param>
    <name>urls./**</name>
    <value> $auth_type </value>
    </param>
    <name>sessionTimeout</name>
    <value> $minutes </value>
    </param>
</provider>











3 Save the configs


Re: knoxsso redirect to ambari error

New Contributor

hi @Nixon Rodrigues

thank you so much. for enable sso i following bellow steps:

1. install knox with ambari ui.

2. Configure Ambari Authentication for LDAP/AD.

3. Configure an LDAP/AD Identity Provider (IdP).

4. Enable Knox SSO using the Ambari CLI.

5. amabari server restart.

is necessary i setup proxy or i use the default topology ?