You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@calcite.apache.org by "Josh Elser (JIRA)" <ji...@apache.org> on 2016/11/09 21:54:58 UTC
[jira] [Created] (CALCITE-1487) Avatica{Json,Protobuf}Handler
inadvertently returns HTTP/404 after authentication failure
Josh Elser created CALCITE-1487:
-----------------------------------
Summary: Avatica{Json,Protobuf}Handler inadvertently returns HTTP/404 after authentication failure
Key: CALCITE-1487
URL: https://issues.apache.org/jira/browse/CALCITE-1487
Project: Calcite
Issue Type: Bug
Components: avatica
Reporter: Josh Elser
Fix For: avatica-1.10.0
I'm looking into a case where there are some authentication issues into an Avatica server. The SPNEGO handshake obviously failed via error in the server, but the client ultimately saw an HTTP/404 error which doesn't make sense (they should see a 401 or 403).
I think I see why this happens. In the handlers, when the server is configured to require authenticated users and a user is not authenticated, the {{handle()}} method just returns.
I believe the Handler implementation should set the Request as handled and set the appropriate response code. I believe the 404 is coming from the DefaultHandler (which has no html to serve for requests to "/").
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)