You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@druid.apache.org by jo...@apache.org on 2018/07/21 03:35:17 UTC
[incubator-druid] branch master updated: Add comment and code tweak
to Basic HTTP Authenticator (#6029)
This is an automated email from the ASF dual-hosted git repository.
jonwei pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-druid.git
The following commit(s) were added to refs/heads/master by this push:
new 0590293 Add comment and code tweak to Basic HTTP Authenticator (#6029)
0590293 is described below
commit 0590293538ff00b94ec2e4aeb49646cb9a8220ec
Author: Jonathan Wei <jo...@users.noreply.github.com>
AuthorDate: Fri Jul 20 20:35:14 2018 -0700
Add comment and code tweak to Basic HTTP Authenticator (#6029)
---
.../security/basic/authentication/BasicHTTPAuthenticator.java | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/extensions-core/druid-basic-security/src/main/java/io/druid/security/basic/authentication/BasicHTTPAuthenticator.java b/extensions-core/druid-basic-security/src/main/java/io/druid/security/basic/authentication/BasicHTTPAuthenticator.java
index 1a4d717..bdd0aab 100644
--- a/extensions-core/druid-basic-security/src/main/java/io/druid/security/basic/authentication/BasicHTTPAuthenticator.java
+++ b/extensions-core/druid-basic-security/src/main/java/io/druid/security/basic/authentication/BasicHTTPAuthenticator.java
@@ -149,6 +149,7 @@ public class BasicHTTPAuthenticator implements Authenticator
}
+
@Override
public void doFilter(
ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain
@@ -163,9 +164,12 @@ public class BasicHTTPAuthenticator implements Authenticator
return;
}
+ // At this point, encodedUserSecret is not null, indicating that the request intends to perform
+ // Basic HTTP authentication. If any errors occur with the authentication, we send a 401 response immediately
+ // and do not proceed further down the filter chain.
String decodedUserSecret = BasicAuthUtils.decodeUserSecret(encodedUserSecret);
if (decodedUserSecret == null) {
- // we recognized a Basic auth header, but could not decode the user secret
+ // We recognized a Basic auth header, but could not decode the user secret.
httpResp.sendError(HttpServletResponse.SC_UNAUTHORIZED);
return;
}
@@ -182,12 +186,10 @@ public class BasicHTTPAuthenticator implements Authenticator
if (checkCredentials(user, password)) {
AuthenticationResult authenticationResult = new AuthenticationResult(user, authorizerName, name, null);
servletRequest.setAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT, authenticationResult);
+ filterChain.doFilter(servletRequest, servletResponse);
} else {
httpResp.sendError(HttpServletResponse.SC_UNAUTHORIZED);
- return;
}
-
- filterChain.doFilter(servletRequest, servletResponse);
}
@Override
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@druid.apache.org
For additional commands, e-mail: commits-help@druid.apache.org