Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Current »

External Jupyter Notebook

With OAuth2 enabled, when an unauthenticated user tries to access or perform an action against ModelOp Center using an external Jupyter notebook, they will not be allowed to do so until they authenticate. The trigger for the authentication logic, located in the jupyter-plugin repository, is a 401 Unauthorized status code. However, Spring Security is no longer sending a 401 Unauthorized, but instead, a 302 Found status code. To override the 302 Found status code, we introduced the CustomAuthenticationEntryPoint class. The purpose of this class is to inspect all requests for protected resources coming from an unauthenticated user, and to determine if a 302 Found or 401 Unauthorized status code should be returned.
We identify external Jupyter notebook requests by checking for the Sec-Fetch-Mode header and its value. If a request is coming from an external Jupyter notebook, then Sec-Fetch-Mode header will be set with the cors value, in which case we return 401 Unauthorized. Otherwise, we return 302 Found and redirect to the login page.

To enable the use of CustomAuthenticationEntryPoint class, include the following line in odg-gatewa-service SecurityConfig class:

http.exceptionHandling().authenticationEntryPoint(new CustomAuthenticationEntryPoint(URI.create(this.authenticationFailureRedirectUri)));

  • No labels