You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by ja...@apache.org on 2016/11/01 14:38:32 UTC
lucene-solr:master: SOLR-9481: Clearing existing global interceptors
on HttpClientUtil to avoid user/pass leaks from other tests
Repository: lucene-solr
Updated Branches:
refs/heads/master 22aa34e01 -> 4383bec84
SOLR-9481: Clearing existing global interceptors on HttpClientUtil to avoid user/pass leaks from other tests
Project: http://git-wip-us.apache.org/repos/asf/lucene-solr/repo
Commit: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/4383bec8
Tree: http://git-wip-us.apache.org/repos/asf/lucene-solr/tree/4383bec8
Diff: http://git-wip-us.apache.org/repos/asf/lucene-solr/diff/4383bec8
Branch: refs/heads/master
Commit: 4383bec84c38464c60e63880ad0ba37128d261a3
Parents: 22aa34e
Author: Jan H�ydahl <ja...@apache.org>
Authored: Tue Nov 1 15:38:21 2016 +0100
Committer: Jan H�ydahl <ja...@apache.org>
Committed: Tue Nov 1 15:38:21 2016 +0100
----------------------------------------------------------------------
solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java | 1 +
.../test/org/apache/solr/security/BasicAuthStandaloneTest.java | 3 +--
2 files changed, 2 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/4383bec8/solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java
----------------------------------------------------------------------
diff --git a/solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java b/solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java
index 29a887b..5c0717b 100644
--- a/solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java
+++ b/solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java
@@ -119,6 +119,7 @@ public class BasicAuthPlugin extends AuthenticationPlugin implements ConfigEdita
final String username = credentials.substring(0, p).trim();
String pwd = credentials.substring(p + 1).trim();
if (!authenticate(username, pwd)) {
+ log.debug("Bad auth credentials supplied in Authorization header");
authenticationFailure(response, "Bad credentials");
} else {
HttpServletRequestWrapper wrapper = new HttpServletRequestWrapper(request) {
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/4383bec8/solr/core/src/test/org/apache/solr/security/BasicAuthStandaloneTest.java
----------------------------------------------------------------------
diff --git a/solr/core/src/test/org/apache/solr/security/BasicAuthStandaloneTest.java b/solr/core/src/test/org/apache/solr/security/BasicAuthStandaloneTest.java
index e5fec06..7d6c436 100644
--- a/solr/core/src/test/org/apache/solr/security/BasicAuthStandaloneTest.java
+++ b/solr/core/src/test/org/apache/solr/security/BasicAuthStandaloneTest.java
@@ -73,6 +73,7 @@ public class BasicAuthStandaloneTest extends AbstractSolrTestCase {
instance.setUp();
jetty = createJetty(instance);
securityConfHandler = new SecurityConfHandlerLocalForTesting(jetty.getCoreContainer());
+ HttpClientUtil.clearRequestInterceptors(); // Clear out any old Authorization headers
}
@Override
@@ -101,8 +102,6 @@ public class BasicAuthStandaloneTest extends AbstractSolrTestCase {
securityConfHandler.persistConf(new SecurityConfHandler.SecurityConfig()
.setData(Utils.fromJSONString(STD_CONF.replaceAll("'", "\""))));
securityConfHandler.securityConfEdited();
- log.debug("Newly written security.json is " + securityConfHandler.getSecurityConfig(false) +
- " and baseUrl is " + baseUrl);
verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/class", "solr.BasicAuthPlugin", 20);
String command = "{\n" +