You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@calcite.apache.org by "Josh Elser (JIRA)" <ji...@apache.org> on 2016/11/09 21:54:58 UTC

[jira] [Created] (CALCITE-1487) Avatica{Json,Protobuf}Handler inadvertently returns HTTP/404 after authentication failure

Josh Elser created CALCITE-1487:
-----------------------------------

             Summary: Avatica{Json,Protobuf}Handler inadvertently returns HTTP/404 after authentication failure
                 Key: CALCITE-1487
                 URL: https://issues.apache.org/jira/browse/CALCITE-1487
             Project: Calcite
          Issue Type: Bug
          Components: avatica
            Reporter: Josh Elser
             Fix For: avatica-1.10.0


I'm looking into a case where there are some authentication issues into an Avatica server. The SPNEGO handshake obviously failed via error in the server, but the client ultimately saw an HTTP/404 error which doesn't make sense (they should see a 401 or 403).

I think I see why this happens. In the handlers, when the server is configured to require authenticated users and a user is not authenticated, the {{handle()}} method just returns.

I believe the Handler implementation should set the Request as handled and set the appropriate response code. I believe the 404 is coming from the DefaultHandler (which has no html to serve for requests to "/").



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)