You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kyuubi.apache.org by ch...@apache.org on 2022/04/28 14:03:28 UTC
[incubator-kyuubi] branch master updated: [KYUUBI #2496] Prevent empty auth user when anonymous is allowed
This is an automated email from the ASF dual-hosted git repository.
chengpan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-kyuubi.git
The following commit(s) were added to refs/heads/master by this push:
new beb132f96 [KYUUBI #2496] Prevent empty auth user when anonymous is allowed
beb132f96 is described below
commit beb132f96fe055f0349e4db1315aaba3d385acae
Author: Fei Wang <fw...@ebay.com>
AuthorDate: Thu Apr 28 22:03:18 2022 +0800
[KYUUBI #2496] Prevent empty auth user when anonymous is allowed
### _Why are the changes needed?_
Prevent empty auth user when allow anonymous
### _How was this patch tested?_
- [ ] Add some test cases that check the changes thoroughly including negative and positive cases if possible
- [ ] Add screenshots for manual tests if appropriate
- [x] [Run test](https://kyuubi.apache.org/docs/latest/develop_tools/testing.html#running-tests) locally before make a pull request
Closes #2496 from turboFei/empty_user.
Closes #2496
6b25c5c5 [Fei Wang] Prevent empty user
Authored-by: Fei Wang <fw...@ebay.com>
Signed-off-by: Cheng Pan <ch...@apache.org>
---
.../kyuubi/server/http/authentication/BasicAuthenticationHandler.scala | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kyuubi-server/src/main/scala/org/apache/kyuubi/server/http/authentication/BasicAuthenticationHandler.scala b/kyuubi-server/src/main/scala/org/apache/kyuubi/server/http/authentication/BasicAuthenticationHandler.scala
index 86db1af2c..57ce2e60e 100644
--- a/kyuubi-server/src/main/scala/org/apache/kyuubi/server/http/authentication/BasicAuthenticationHandler.scala
+++ b/kyuubi-server/src/main/scala/org/apache/kyuubi/server/http/authentication/BasicAuthenticationHandler.scala
@@ -72,7 +72,7 @@ class BasicAuthenticationHandler(basicAuthType: AuthType)
val creds = new String(inputToken, Charset.forName("UTF-8")).split(":")
if (allowAnonymous) {
- authUser = creds.take(1).headOption.getOrElse("anonymous")
+ authUser = creds.take(1).headOption.filterNot(_.isEmpty).getOrElse("anonymous")
} else {
if (creds.size < 2 || creds(0).trim.isEmpty || creds(1).trim.isEmpty) {
response.setHeader(WWW_AUTHENTICATE, authScheme.toString)