Apache
/
hadoop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge -r 1333745:1333746 from trunk to branch. FIXES: HADOOP-8355 

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/branch-2@1333747 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Alejandro Abdelnur 2012-05-04 03:15:27 +00:00
parent 8767e1803d
commit c7a47f2b8f
2 changed files with 10 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
View File

@ -327,6 +327,8 @@ public class AuthenticationFilter implements Filter {
@Override @Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)
throws IOException, ServletException { throws IOException, ServletException {
boolean unauthorizedResponse = true;
String unauthorizedMsg = "";
HttpServletRequest httpRequest = (HttpServletRequest) request; HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response; HttpServletResponse httpResponse = (HttpServletResponse) response;
try { try {
@ -350,6 +352,7 @@ public class AuthenticationFilter implements Filter {
newToken = true; newToken = true;
} }
if (token != null) { if (token != null) {
unauthorizedResponse = false;
if (LOG.isDebugEnabled()) { if (LOG.isDebugEnabled()) {
LOG.debug("Request [{}] user [{}] authenticated", getRequestURL(httpRequest), token.getUserName()); LOG.debug("Request [{}] user [{}] authenticated", getRequestURL(httpRequest), token.getUserName());
} }
@ -378,17 +381,17 @@ public class AuthenticationFilter implements Filter {
} }
filterChain.doFilter(httpRequest, httpResponse); filterChain.doFilter(httpRequest, httpResponse);
} }
else {
throw new AuthenticationException("Missing AuthenticationToken");
}
} catch (AuthenticationException ex) { } catch (AuthenticationException ex) {
unauthorizedMsg = ex.toString();
LOG.warn("Authentication exception: " + ex.getMessage(), ex);
}
if (unauthorizedResponse) {
if (!httpResponse.isCommitted()) { if (!httpResponse.isCommitted()) {
Cookie cookie = createCookie(""); Cookie cookie = createCookie("");
cookie.setMaxAge(0); cookie.setMaxAge(0);
httpResponse.addCookie(cookie); httpResponse.addCookie(cookie);
httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, ex.getMessage()); httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, unauthorizedMsg);
} }
LOG.warn("Authentication exception: " + ex.getMessage(), ex);
} }
} }

2
hadoop-common-project/hadoop-common/CHANGES.txt
View File

@ -289,6 +289,8 @@ Release 2.0.0 - UNRELEASED
HADOOP-8346. Makes oid changes to make SPNEGO work. Was broken due HADOOP-8346. Makes oid changes to make SPNEGO work. Was broken due
to fixes introduced by the IBM JDK compatibility patch. (ddas) to fixes introduced by the IBM JDK compatibility patch. (ddas)
HADOOP-8355. SPNEGO filter throws/logs exception when authentication fails (tucu)
BREAKDOWN OF HADOOP-7454 SUBTASKS BREAKDOWN OF HADOOP-7454 SUBTASKS
HADOOP-7455. HA: Introduce HA Service Protocol Interface. (suresh) HADOOP-7455. HA: Introduce HA Service Protocol Interface. (suresh)