You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@druid.apache.org by GitBox <gi...@apache.org> on 2018/07/21 03:35:16 UTC

[GitHub] jon-wei closed pull request #6029: Add comment and code tweak to Basic HTTP Authenticator

jon-wei closed pull request #6029: Add comment and code tweak to Basic HTTP Authenticator
URL: https://github.com/apache/incubator-druid/pull/6029
 
 
   

This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:

As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):

diff --git a/extensions-core/druid-basic-security/src/main/java/io/druid/security/basic/authentication/BasicHTTPAuthenticator.java b/extensions-core/druid-basic-security/src/main/java/io/druid/security/basic/authentication/BasicHTTPAuthenticator.java
index 1a4d717125f..bdd0aabf9a8 100644
--- a/extensions-core/druid-basic-security/src/main/java/io/druid/security/basic/authentication/BasicHTTPAuthenticator.java
+++ b/extensions-core/druid-basic-security/src/main/java/io/druid/security/basic/authentication/BasicHTTPAuthenticator.java
@@ -149,6 +149,7 @@ public void init(FilterConfig filterConfig)
 
     }
 
+
     @Override
     public void doFilter(
         ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain
@@ -163,9 +164,12 @@ public void doFilter(
         return;
       }
 
+      // At this point, encodedUserSecret is not null, indicating that the request intends to perform
+      // Basic HTTP authentication. If any errors occur with the authentication, we send a 401 response immediately
+      // and do not proceed further down the filter chain.
       String decodedUserSecret = BasicAuthUtils.decodeUserSecret(encodedUserSecret);
       if (decodedUserSecret == null) {
-        // we recognized a Basic auth header, but could not decode the user secret
+        // We recognized a Basic auth header, but could not decode the user secret.
         httpResp.sendError(HttpServletResponse.SC_UNAUTHORIZED);
         return;
       }
@@ -182,12 +186,10 @@ public void doFilter(
       if (checkCredentials(user, password)) {
         AuthenticationResult authenticationResult = new AuthenticationResult(user, authorizerName, name, null);
         servletRequest.setAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT, authenticationResult);
+        filterChain.doFilter(servletRequest, servletResponse);
       } else {
         httpResp.sendError(HttpServletResponse.SC_UNAUTHORIZED);
-        return;
       }
-
-      filterChain.doFilter(servletRequest, servletResponse);
     }
 
     @Override


 

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@druid.apache.org
For additional commands, e-mail: dev-help@druid.apache.org