Log in
Skip to sidebar
Skip to main content
Linked Applications
Loading…
Apache Software Foundation
Spaces
Hit enter to search
Help
Online Help
Keyboard Shortcuts
Feed Builder
What’s new
What’s new
Available Gadgets
About Confluence
Log in
KNOX
Pages
Blog
Space shortcuts
UML Diagrams
Child pages
Designs
REST SSO Flows
Browse pages
Configure
Space tools
A
t
tachments (0)
Page History
Resolved comments
Page Information
View in Hierarchy
View Source
Delete comments
Export to PDF
Export to Word
Copy Page Tree
Pages
Index
Designs
Jira links
REST SSO Flows
Created by
Kevin Minder
, last modified on
Dec 12, 2014
REST SSO Flow (SAML)
Client
(eg JEE App)
SAML IdP
(eg Shibboleth)
Knox
GW
Hadoop
(eg NN)
Non-normative example of how a saml-bearer-token might be obtained
1
/authenticate.POST(username,password)
2
ok200(saml-bearer-token)
3
/cluster/service.GET(saml-bearer-token)
4
validate(saml-bearer-token):username
5
/service.GET(username)
6
ok200(results)
7
ok200(results)
REST SSO Flow (SAML)
Client
(eg JEE App)
SSO
(eg Shibboleth)
Knox
GW
LDAP
Hadoop
(eg NN)
1
/authenticate.POST(username,password)
2
saml-bearer-token[username]
3
/cluster/service.GET(jwt-bearer-token)
4
lookupGroups(username):groups
5
/service.GET(username)
6
ok200(results)
7
ok200(results)
REST SSO Flow (LDAP)
Client
(eg JEE App)
Knox
TS/SSO
LDAP
Knox
GW
Hadoop
(eg NN)
1
/authenticate.POST(username,password)
2
authenticate(username,password)
3
lookupGroups():groups
4
jwt-bearer-token[username,groups]
5
/cluster/service.GET(jwt-bearer-token)
6
/service.GET(username)
7
results
8
results
No labels
Overview
Content Tools
Apps
{"serverDuration": 146, "requestCorrelationId": "1faa9c10f93267dc"}