You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by mm...@apache.org on 2020/05/29 23:05:09 UTC
[pulsar] branch master updated: In HTTP authentication,
throw exception from provider if there is one. (#7100)
This is an automated email from the ASF dual-hosted git repository.
mmerli pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pulsar.git
The following commit(s) were added to refs/heads/master by this push:
new 09fc647 In HTTP authentication, throw exception from provider if there is one. (#7100)
09fc647 is described below
commit 09fc647529c036cbfca523d776ac059becd278ee
Author: Matteo Merli <mm...@apache.org>
AuthorDate: Fri May 29 16:04:54 2020 -0700
In HTTP authentication, throw exception from provider if there is one. (#7100)
Co-authored-by: Chris Kellogg <ck...@splunk.com>
---
.../pulsar/broker/authentication/AuthenticationService.java | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationService.java b/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationService.java
index 2822517..2db2222 100644
--- a/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationService.java
+++ b/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationService.java
@@ -84,12 +84,14 @@ public class AuthenticationService implements Closeable {
public String authenticateHttpRequest(HttpServletRequest request) throws AuthenticationException {
// Try to validate with any configured provider
+ AuthenticationException authenticationException = null;
AuthenticationDataSource authData = new AuthenticationDataHttps(request);
for (AuthenticationProvider provider : providers.values()) {
try {
return provider.authenticate(authData);
} catch (AuthenticationException e) {
- // Ignore the exception because we don't know which authentication method is expected here.
+ // Store the exception so we can throw it later instead of a generic one
+ authenticationException = e;
}
}
@@ -99,7 +101,11 @@ public class AuthenticationService implements Closeable {
return anonymousUserRole;
}
// If at least a provider was configured, then the authentication needs to be provider
- throw new AuthenticationException("Authentication required");
+ if (authenticationException != null) {
+ throw authenticationException;
+ } else {
+ throw new AuthenticationException("Authentication required");
+ }
} else {
// No authentication required
return "<none>";