You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@druid.apache.org by fj...@apache.org on 2020/04/07 04:11:09 UTC

[druid] branch 0.18.0 updated: pac4j: be noop if a previous authenticator in chain has successfully authenticated (#9620) (#9627)

This is an automated email from the ASF dual-hosted git repository.

fjy pushed a commit to branch 0.18.0
in repository https://gitbox.apache.org/repos/asf/druid.git


The following commit(s) were added to refs/heads/0.18.0 by this push:
     new bc472e8  pac4j: be noop if a previous authenticator in chain has successfully authenticated (#9620) (#9627)
bc472e8 is described below

commit bc472e85f57216902cd598d4a158f7196c4d254c
Author: Himanshu <g....@gmail.com>
AuthorDate: Mon Apr 6 21:10:58 2020 -0700

    pac4j: be noop if a previous authenticator in chain has successfully authenticated (#9620) (#9627)
---
 .../src/main/java/org/apache/druid/security/pac4j/Pac4jFilter.java | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/extensions-core/druid-pac4j/src/main/java/org/apache/druid/security/pac4j/Pac4jFilter.java b/extensions-core/druid-pac4j/src/main/java/org/apache/druid/security/pac4j/Pac4jFilter.java
index 7a9eff7..4463e43 100644
--- a/extensions-core/druid-pac4j/src/main/java/org/apache/druid/security/pac4j/Pac4jFilter.java
+++ b/extensions-core/druid-pac4j/src/main/java/org/apache/druid/security/pac4j/Pac4jFilter.java
@@ -79,6 +79,13 @@ public class Pac4jFilter implements Filter
   public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
       throws IOException, ServletException
   {
+    // If there's already an auth result, then we have authenticated already, skip this or else caller
+    // could get HTTP redirect even if one of the druid authenticators in chain has successfully authenticated.
+    if (servletRequest.getAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT) != null) {
+      filterChain.doFilter(servletRequest, servletResponse);
+      return;
+    }
+
     HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
     HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
     J2EContext context = new J2EContext(httpServletRequest, httpServletResponse, sessionStore);


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@druid.apache.org
For additional commands, e-mail: commits-help@druid.apache.org