You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nifi.apache.org by mc...@apache.org on 2015/12/01 17:44:22 UTC

[44/51] [abbrv] nifi git commit: NIFI-655: - Ensuring the access token is not replicated when the user is already authenticated/authorized.

NIFI-655:
- Ensuring the access token is not replicated when the user is already authenticated/authorized.

Project: http://git-wip-us.apache.org/repos/asf/nifi/repo
Commit: http://git-wip-us.apache.org/repos/asf/nifi/commit/c722b563
Tree: http://git-wip-us.apache.org/repos/asf/nifi/tree/c722b563
Diff: http://git-wip-us.apache.org/repos/asf/nifi/diff/c722b563

Branch: refs/heads/master
Commit: c722b563351652702db70f1cc1501ff6754ffc70
Parents: a84e505
Author: Matt Gilman <ma...@gmail.com>
Authored: Mon Nov 30 14:57:38 2015 -0500
Committer: Matt Gilman <ma...@gmail.com>
Committed: Mon Nov 30 14:57:38 2015 -0500

----------------------------------------------------------------------
 .../java/org/apache/nifi/web/api/ApplicationResource.java     | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/nifi/blob/c722b563/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ApplicationResource.java
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ApplicationResource.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ApplicationResource.java
index e4afd05..399879d 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ApplicationResource.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ApplicationResource.java
@@ -370,9 +370,6 @@ public abstract class ApplicationResource {
             if (user != null) {
                 // add the proxied user details
                 result.put(PROXIED_ENTITIES_CHAIN_HTTP_HEADER, ProxiedEntitiesUtils.buildProxiedEntitiesChainString(user));
-
-                // remove the access token if present, since the user is already authenticated/authorized
-                result.remove(JwtAuthenticationFilter.AUTHORIZATION);
             }
 
             // add the user's authorities (if any) to the headers
@@ -385,9 +382,11 @@ public abstract class ApplicationResource {
 
                     // put serialized user details in header
                     result.put(PROXIED_ENTITY_USER_DETAILS_HTTP_HEADER, hexEncodedUserDetails);
+
+                    // remove the access token if present, since the user is already authenticated/authorized
+                    result.remove(JwtAuthenticationFilter.AUTHORIZATION);
                 }
             }
-
         }
         return result;
     }