hadoop-common-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From weic...@apache.org
Subject hadoop git commit: HADOOP-13580. If user is unauthorized, log "unauthorized" instead of "Invalid signed text:". Contributed by Wei-Chiu Chuang.
Date Fri, 16 Sep 2016 21:56:37 GMT
Repository: hadoop
Updated Branches:
  refs/heads/branch-2 40089eadf -> 031d5f6c5


HADOOP-13580. If user is unauthorized, log "unauthorized" instead of "Invalid signed text:".
Contributed by Wei-Chiu Chuang.

(cherry picked from commit f6f3a447bf3b2900a2e9a0615ad9877f9310e062)


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/031d5f6c
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/031d5f6c
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/031d5f6c

Branch: refs/heads/branch-2
Commit: 031d5f6c5bf7ab74d9c12fbefdb1c12c58024f03
Parents: 40089ea
Author: Wei-Chiu Chuang <weichiu@apache.org>
Authored: Fri Sep 16 14:53:09 2016 -0700
Committer: Wei-Chiu Chuang <weichiu@apache.org>
Committed: Fri Sep 16 14:53:50 2016 -0700

----------------------------------------------------------------------
 .../security/authentication/server/AuthenticationFilter.java      | 3 +++
 1 file changed, 3 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hadoop/blob/031d5f6c/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
index 0a9b8b5..5262fdc 100644
--- a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
+++ b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
@@ -438,6 +438,9 @@ public class AuthenticationFilter implements Filter {
       for (Cookie cookie : cookies) {
         if (cookie.getName().equals(AuthenticatedURL.AUTH_COOKIE)) {
           tokenStr = cookie.getValue();
+          if (tokenStr.isEmpty()) {
+            throw new AuthenticationException("Unauthorized access");
+          }
           try {
             tokenStr = signer.verifyAndExtract(tokenStr);
           } catch (SignerException ex) {


---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org


Mime
View raw message