You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by zh...@apache.org on 2020/05/12 13:44:53 UTC
[pulsar] 02/17: use originalAuthMethod on originalAuthChecker
(#6870)
This is an automated email from the ASF dual-hosted git repository.
zhaijia pushed a commit to branch branch-2.5
in repository https://gitbox.apache.org/repos/asf/pulsar.git
commit 450cc152277fe4dd64c68097dfc9feee75ecce27
Author: Alexandre DUVAL <ka...@gmail.com>
AuthorDate: Sat May 9 02:46:00 2020 +0200
use originalAuthMethod on originalAuthChecker (#6870)
Fixes #6873
Use originalAuthMethod on originalAuthProvider check.
(cherry picked from commit 8381371a3cdae52521c8d50ca053d7510989fb33)
---
.../java/org/apache/pulsar/broker/service/ServerCnx.java | 16 +++++++++++++++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/pulsar-broker/src/main/java/org/apache/pulsar/broker/service/ServerCnx.java b/pulsar-broker/src/main/java/org/apache/pulsar/broker/service/ServerCnx.java
index db61f8d..e72b599 100644
--- a/pulsar-broker/src/main/java/org/apache/pulsar/broker/service/ServerCnx.java
+++ b/pulsar-broker/src/main/java/org/apache/pulsar/broker/service/ServerCnx.java
@@ -649,9 +649,23 @@ public class ServerCnx extends PulsarHandler {
// 2. we require to validate the original credentials
// 3. no credentials were passed
if (connect.hasOriginalPrincipal() && service.getPulsar().getConfig().isAuthenticateOriginalAuthData()) {
+ // init authentication
+ String originalAuthMethod;
+ if (connect.hasOriginalAuthMethod()) {
+ originalAuthMethod = connect.getOriginalAuthMethod();
+ } else {
+ originalAuthMethod = "none";
+ }
+
AuthenticationProvider originalAuthenticationProvider = getBrokerService()
.getAuthenticationService()
- .getAuthenticationProvider(authMethod);
+ .getAuthenticationProvider(originalAuthMethod);
+
+ if (originalAuthenticationProvider == null) {
+ throw new AuthenticationException(String.format("Can't find AuthenticationProvider for original role" +
+ " using auth method [%s] is not available", originalAuthMethod));
+ }
+
originalAuthState = originalAuthenticationProvider.newAuthState(
AuthData.of(connect.getOriginalAuthData().getBytes()),
remoteAddress,