You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tinkerpop.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2020/05/27 03:34:00 UTC

[jira] [Commented] (TINKERPOP-2374) SaslAndHttpBasicAuthenticationHandler can't extract authorization

    [ https://issues.apache.org/jira/browse/TINKERPOP-2374?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17117300#comment-17117300 ] 

ASF GitHub Bot commented on TINKERPOP-2374:
-------------------------------------------

javeme opened a new pull request #1289:
URL: https://github.com/apache/tinkerpop/pull/1289


   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


> SaslAndHttpBasicAuthenticationHandler can't extract authorization
> -----------------------------------------------------------------
>
>                 Key: TINKERPOP-2374
>                 URL: https://issues.apache.org/jira/browse/TINKERPOP-2374
>             Project: TinkerPop
>          Issue Type: Bug
>            Reporter: Jermy Li
>            Priority: Major
>
> When we use the following configuration and keep http connection alive, some requests will fail to get authorization information during consecutive requests.
> {code:yaml}
> channelizer: org.apache.tinkerpop.gremlin.server.channel.WsAndHttpChannelizer
> authentication: {
>   authenticationHandler: org.apache.tinkerpop.gremlin.server.handler.SaslAndHttpBasicAuthenticationHandler,
> }
> {code}
>  
> We expect the sequence in the pipeline to be:
> {code:java}
> (http-response-encoder = io.netty.handler.codec.http.HttpResponseEncoder), 
> (authenticator = org.apache.tinkerpop.gremlin.server.handler.SaslAndHttpBasicAuthenticationHandler), 
> (http-authentication = org.apache.tinkerpop.gremlin.server.handler.HttpBasicAuthenticationHandler),
> (request-handler = org.apache.tinkerpop.gremlin.server.handler.HttpGremlinEndpointHandler), 
> {code}
> authenticator -> {color:#ff0000}http-authentication{color} -> request-handler
> But sometimes its order becomes the following, so that user information cannot be obtained:
> {code:java}
> (http-response-encoder = io.netty.handler.codec.http.HttpResponseEncoder), 
> (authenticator = org.apache.tinkerpop.gremlin.server.handler.SaslAndHttpBasicAuthenticationHandler), 
> (request-handler = org.apache.tinkerpop.gremlin.server.handler.HttpGremlinEndpointHandler), 
> (http-authentication = org.apache.tinkerpop.gremlin.server.handler.HttpBasicAuthenticationHandler),
> {code}
> authenticator -> request-handler -> {color:#ff0000}http-authentication{color}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)