You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@druid.apache.org by fj...@apache.org on 2020/04/07 04:11:09 UTC
[druid] branch 0.18.0 updated: pac4j: be noop if a previous
authenticator in chain has successfully authenticated (#9620) (#9627)
This is an automated email from the ASF dual-hosted git repository.
fjy pushed a commit to branch 0.18.0
in repository https://gitbox.apache.org/repos/asf/druid.git
The following commit(s) were added to refs/heads/0.18.0 by this push:
new bc472e8 pac4j: be noop if a previous authenticator in chain has successfully authenticated (#9620) (#9627)
bc472e8 is described below
commit bc472e85f57216902cd598d4a158f7196c4d254c
Author: Himanshu <g....@gmail.com>
AuthorDate: Mon Apr 6 21:10:58 2020 -0700
pac4j: be noop if a previous authenticator in chain has successfully authenticated (#9620) (#9627)
---
.../src/main/java/org/apache/druid/security/pac4j/Pac4jFilter.java | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/extensions-core/druid-pac4j/src/main/java/org/apache/druid/security/pac4j/Pac4jFilter.java b/extensions-core/druid-pac4j/src/main/java/org/apache/druid/security/pac4j/Pac4jFilter.java
index 7a9eff7..4463e43 100644
--- a/extensions-core/druid-pac4j/src/main/java/org/apache/druid/security/pac4j/Pac4jFilter.java
+++ b/extensions-core/druid-pac4j/src/main/java/org/apache/druid/security/pac4j/Pac4jFilter.java
@@ -79,6 +79,13 @@ public class Pac4jFilter implements Filter
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
throws IOException, ServletException
{
+ // If there's already an auth result, then we have authenticated already, skip this or else caller
+ // could get HTTP redirect even if one of the druid authenticators in chain has successfully authenticated.
+ if (servletRequest.getAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT) != null) {
+ filterChain.doFilter(servletRequest, servletResponse);
+ return;
+ }
+
HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
J2EContext context = new J2EContext(httpServletRequest, httpServletResponse, sessionStore);
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@druid.apache.org
For additional commands, e-mail: commits-help@druid.apache.org