You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by mm...@apache.org on 2020/05/29 23:05:09 UTC

[pulsar] branch master updated: In HTTP authentication, throw exception from provider if there is one. (#7100)

This is an automated email from the ASF dual-hosted git repository.

mmerli pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pulsar.git


The following commit(s) were added to refs/heads/master by this push:
     new 09fc647  In HTTP authentication, throw exception from provider if there is one. (#7100)
09fc647 is described below

commit 09fc647529c036cbfca523d776ac059becd278ee
Author: Matteo Merli <mm...@apache.org>
AuthorDate: Fri May 29 16:04:54 2020 -0700

    In HTTP authentication, throw exception from provider if there is one. (#7100)
    
    Co-authored-by: Chris Kellogg <ck...@splunk.com>
---
 .../pulsar/broker/authentication/AuthenticationService.java    | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationService.java b/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationService.java
index 2822517..2db2222 100644
--- a/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationService.java
+++ b/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationService.java
@@ -84,12 +84,14 @@ public class AuthenticationService implements Closeable {
 
     public String authenticateHttpRequest(HttpServletRequest request) throws AuthenticationException {
         // Try to validate with any configured provider
+        AuthenticationException authenticationException = null;
         AuthenticationDataSource authData = new AuthenticationDataHttps(request);
         for (AuthenticationProvider provider : providers.values()) {
             try {
                 return provider.authenticate(authData);
             } catch (AuthenticationException e) {
-                // Ignore the exception because we don't know which authentication method is expected here.
+                // Store the exception so we can throw it later instead of a generic one
+                authenticationException = e;
             }
         }
 
@@ -99,7 +101,11 @@ public class AuthenticationService implements Closeable {
                 return anonymousUserRole;
             }
             // If at least a provider was configured, then the authentication needs to be provider
-            throw new AuthenticationException("Authentication required");
+            if (authenticationException != null) {
+                throw authenticationException;
+            } else {
+                throw new AuthenticationException("Authentication required");
+            }
         } else {
             // No authentication required
             return "<none>";