You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@kyuubi.apache.org by ch...@apache.org on 2022/04/28 14:03:28 UTC

[incubator-kyuubi] branch master updated: [KYUUBI #2496] Prevent empty auth user when anonymous is allowed

This is an automated email from the ASF dual-hosted git repository.

chengpan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-kyuubi.git


The following commit(s) were added to refs/heads/master by this push:
     new beb132f96 [KYUUBI #2496] Prevent empty auth user when anonymous is allowed
beb132f96 is described below

commit beb132f96fe055f0349e4db1315aaba3d385acae
Author: Fei Wang <fw...@ebay.com>
AuthorDate: Thu Apr 28 22:03:18 2022 +0800

    [KYUUBI #2496] Prevent empty auth user when anonymous is allowed
    
    ### _Why are the changes needed?_
    
    Prevent empty auth user when allow anonymous
    
    ### _How was this patch tested?_
    - [ ] Add some test cases that check the changes thoroughly including negative and positive cases if possible
    
    - [ ] Add screenshots for manual tests if appropriate
    
    - [x] [Run test](https://kyuubi.apache.org/docs/latest/develop_tools/testing.html#running-tests) locally before make a pull request
    
    Closes #2496 from turboFei/empty_user.
    
    Closes #2496
    
    6b25c5c5 [Fei Wang] Prevent empty user
    
    Authored-by: Fei Wang <fw...@ebay.com>
    Signed-off-by: Cheng Pan <ch...@apache.org>
---
 .../kyuubi/server/http/authentication/BasicAuthenticationHandler.scala  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kyuubi-server/src/main/scala/org/apache/kyuubi/server/http/authentication/BasicAuthenticationHandler.scala b/kyuubi-server/src/main/scala/org/apache/kyuubi/server/http/authentication/BasicAuthenticationHandler.scala
index 86db1af2c..57ce2e60e 100644
--- a/kyuubi-server/src/main/scala/org/apache/kyuubi/server/http/authentication/BasicAuthenticationHandler.scala
+++ b/kyuubi-server/src/main/scala/org/apache/kyuubi/server/http/authentication/BasicAuthenticationHandler.scala
@@ -72,7 +72,7 @@ class BasicAuthenticationHandler(basicAuthType: AuthType)
     val creds = new String(inputToken, Charset.forName("UTF-8")).split(":")
 
     if (allowAnonymous) {
-      authUser = creds.take(1).headOption.getOrElse("anonymous")
+      authUser = creds.take(1).headOption.filterNot(_.isEmpty).getOrElse("anonymous")
     } else {
       if (creds.size < 2 || creds(0).trim.isEmpty || creds(1).trim.isEmpty) {
         response.setHeader(WWW_AUTHENTICATE, authScheme.toString)