GitHub user prabhjyotsingh opened a pull request:
https://github.com/apache/zeppelin/pull/3155
[ZEPPELIN-3741] Do not clear "Authorization" header if Z-server is running
behind proxy
### What is this PR for?
There can be a case where Zeppelin-Sever is running as
Form-Based-Authentication, however, it can be running behind a proxy which may
be requiring Authorization header.
The idea of this PR is to not clear that header when it behind a proxy and
control it with config.
### What type of PR is it?
[Bug Fix]
### What is the Jira issue?
* [ZEPPELIN-3741](https://issues.apache.org/jira/browse/ZEPPELIN-3741)
### How should this be tested?
* Configure Nginx to run with `auth_basic` option
* Start Zeppelin server behind a proxy server like Nginx
* Make sure that `shiro.ini` is configured to run with `/** = authc`
* In `zeppelin-site.xml` configure
`zeppelin.server.clear.authorization.header` as `false`
Now on logout from Zeppelin-Server should not clear *Authorization* header
of Nginx
### Questions:
* Does the licenses files need update? N/A
* Is there breaking changes for older versions? N/A
* Does this needs documentation? Yes
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/prabhjyotsingh/zeppelin ZEPPELIN-3741
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/zeppelin/pull/3155.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #3155
----
commit 91249e182053e4a022b93067dca4f48caea68dc5
Author: Prabhjyot Singh <prabhjyotsingh@...>
Date: 2018-08-21T09:40:04Z
ZEPPELIN-3741: Do not clear "Authorization" header if Z-server is running
behind proxy
Change-Id: I6ff2e58026dd744821e9c5ccaf8fd0658cf610bd
----
---
