You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@lucene.apache.org by janhoy <gi...@git.apache.org> on 2018/12/10 14:47:15 UTC

[GitHub] lucene-solr pull request #458: SOLR-12799: Allow Authentication Plugins to i...

Github user janhoy commented on a diff in the pull request:

    https://github.com/apache/lucene-solr/pull/458#discussion_r240234930
  
    --- Diff: solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java ---
    @@ -172,6 +192,22 @@ public void closeRequest() {
         Map<String, String> getPromptHeaders();
       }
     
    +  @Override
    +  protected boolean interceptInternodeRequest(HttpRequest httpRequest, HttpContext httpContext) {
    +    if (forwardCredentials) {
    +      if (httpContext instanceof HttpClientContext) {
    +        HttpClientContext httpClientContext = (HttpClientContext) httpContext;
    +        if (httpClientContext.getUserToken() instanceof BasicAuthUserPrincipal) {
    +          BasicAuthUserPrincipal principal = (BasicAuthUserPrincipal) httpClientContext.getUserToken();
    +          String userPassBase64 = Base64.encodeBase64String((principal.getName() + ":" + principal.getPassword()).getBytes(StandardCharsets.UTF_8));
    --- End diff --
    
    UTF-8 is hardcoded, as it is also hardcoded on the backend side. Could alternatively have sent a `charset=UTF-8` on the `WWW-authenticate` header from the server to be explicit, but see no real need for that in the context of this issue.


---

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org