You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@calcite.apache.org by "Julian Hyde (JIRA)" <ji...@apache.org> on 2017/05/30 16:22:05 UTC
[jira] [Updated] (CALCITE-1487) Avatica{Json,Protobuf}Handler
inadvertently returns HTTP/404 after authentication failure
[ https://issues.apache.org/jira/browse/CALCITE-1487?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Julian Hyde updated CALCITE-1487:
---------------------------------
Fix Version/s: (was: avatica-1.10.0)
avatica-1.11.0
> Avatica{Json,Protobuf}Handler inadvertently returns HTTP/404 after authentication failure
> -----------------------------------------------------------------------------------------
>
> Key: CALCITE-1487
> URL: https://issues.apache.org/jira/browse/CALCITE-1487
> Project: Calcite
> Issue Type: Bug
> Components: avatica
> Reporter: Josh Elser
> Labels: beginner
> Fix For: avatica-1.11.0
>
>
> I'm looking into a case where there are some authentication issues into an Avatica server. The SPNEGO handshake obviously failed via error in the server, but the client ultimately saw an HTTP/404 error which doesn't make sense (they should see a 401 or 403).
> I think I see why this happens. In the handlers, when the server is configured to require authenticated users and a user is not authenticated, the {{handle()}} method just returns.
> I believe the Handler implementation should set the Request as handled and set the appropriate response code. I believe the 404 is coming from the DefaultHandler (which has no html to serve for requests to "/").
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)