Posted to commits@druid.apache.org by jo...@apache.org on 2018/07/21 03:35:17 UTC

[incubator-druid] branch master updated: Add comment and code tweak to Basic HTTP Authenticator (#6029)

This is an automated email from the ASF dual-hosted git repository.

jonwei pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-druid.git


The following commit(s) were added to refs/heads/master by this push:
     new 0590293  Add comment and code tweak to Basic HTTP Authenticator (#6029)
0590293 is described below

commit 0590293538ff00b94ec2e4aeb49646cb9a8220ec
Author: Jonathan Wei <jo...@users.noreply.github.com>
AuthorDate: Fri Jul 20 20:35:14 2018 -0700

    Add comment and code tweak to Basic HTTP Authenticator (#6029)
---
 .../security/basic/authentication/BasicHTTPAuthenticator.java  | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/extensions-core/druid-basic-security/src/main/java/io/druid/security/basic/authentication/BasicHTTPAuthenticator.java b/extensions-core/druid-basic-security/src/main/java/io/druid/security/basic/authentication/BasicHTTPAuthenticator.java
index 1a4d717..bdd0aab 100644
--- a/extensions-core/druid-basic-security/src/main/java/io/druid/security/basic/authentication/BasicHTTPAuthenticator.java
+++ b/extensions-core/druid-basic-security/src/main/java/io/druid/security/basic/authentication/BasicHTTPAuthenticator.java
@@ -149,6 +149,7 @@ public class BasicHTTPAuthenticator implements Authenticator
 
     }
 
+
     @Override
     public void doFilter(
         ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain
@@ -163,9 +164,12 @@ public class BasicHTTPAuthenticator implements Authenticator
         return;
       }
 
+      // At this point, encodedUserSecret is not null, indicating that the request intends to perform
+      // Basic HTTP authentication. If any errors occur with the authentication, we send a 401 response immediately
+      // and do not proceed further down the filter chain.
       String decodedUserSecret = BasicAuthUtils.decodeUserSecret(encodedUserSecret);
       if (decodedUserSecret == null) {
-        // we recognized a Basic auth header, but could not decode the user secret
+        // We recognized a Basic auth header, but could not decode the user secret.
         httpResp.sendError(HttpServletResponse.SC_UNAUTHORIZED);
         return;
       }
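Review bot: The 401 sent when `decodeUserSecret` returns null carries no `WWW-Authenticate` challenge in the visible lines, which RFC 7235 expects on every 401 response. If the header is not set earlier in `doFilter` or by a later filter, adding `httpResp.setHeader("WWW-Authenticate", "Basic");` before `sendError` would cover it. If the omission is deliberate (for example to avoid browser prompts when several authenticators are chained), the new comment is the right place to say so. The same applies to the 401 in the credential-failure branch of the next hunk. `doFilter` starts and ends outside this hunk, so the header may already be handled there.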
@@ -182,12 +186,10 @@ public class BasicHTTPAuthenticator implements Authenticator
       if (checkCredentials(user, password)) {
         AuthenticationResult authenticationResult = new AuthenticationResult(user, authorizerName, name, null);
         servletRequest.setAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT, authenticationResult);
+        filterChain.doFilter(servletRequest, servletResponse);
       } else {
         httpResp.sendError(HttpServletResponse.SC_UNAUTHORIZED);
-        return;
       }
-
-      filterChain.doFilter(servletRequest, servletResponse);
     }
 
     @Override
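Review bot: A rejected credential check leaves no trace in the visible lines, because the `else` branch only calls `sendError(SC_UNAUTHORIZED)`. Unless `checkCredentials` records the failure itself, repeated bad logins against this filter would not appear in logs or metrics. Consider logging the failure at warn level with the user name and the remote address, never the password, and with the user name sanitised for control characters since it is taken from the request header. Moving `filterChain.doFilter` into the success branch does make the method fail closed, and a short comment such as `// Continue down the chain only after a successful credential check.` would keep a later refactor from moving it back out. The lines that derive `user` and `password` are outside this hunk.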

