hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alejandro Abdelnur (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-10193) hadoop-auth's PseudoAuthenticationHandler can consume getInputStream
Date Sat, 28 Dec 2013 18:45:50 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-10193?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13858095#comment-13858095
] 

Alejandro Abdelnur commented on HADOOP-10193:
---------------------------------------------

[~gchanan], Good catch. Patch looks good, only thing I would change is making having a private
constant with {{Charset.forName("UTF-8")}} so we don't do the charset lookup on every call.
Other than that looks good.

> hadoop-auth's PseudoAuthenticationHandler can consume getInputStream
> --------------------------------------------------------------------
>
>                 Key: HADOOP-10193
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10193
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security
>            Reporter: Gregory Chanan
>            Assignee: Gregory Chanan
>            Priority: Minor
>             Fix For: 3.0.0
>
>         Attachments: HADOOP-10193.patch
>
>
> I'm trying to use the AuthenticationFilter in front of Apache Solr.  The issue I'm running
into is that the PseudoAuthenticationHandler calls ServletRequest.getParameter which affects
future calls to ServletRequest.getInputStream.  I.e. from the javadoc:
> {code}
> If the parameter data was sent in the request body, such as occurs with an HTTP POST
request, then reading the body directly via getInputStream() or getReader() can interfere
with the execution of this method. 
> {code}
> Solr calls getInputStream after the filter and errors result.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Mime
View raw message