Apache/hadoop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

HADOOP-13580. If user is unauthorized, log "unauthorized" instead of "Invalid signed text:". Contributed by Wei-Chiu Chuang.

Browse Source 
(cherry picked from commit f6f3a447bf3b2900a2e9a0615ad9877f9310e062)
(cherry picked from commit 031d5f6c5bf7ab74d9c12fbefdb1c12c58024f03)
This commit is contained in:
Wei-Chiu Chuang 2016-09-16 14:53:09 -07:00
parent ab57c869e2
commit c7b79e8d91
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
View File

@ -438,6 +438,9 @@ protected AuthenticationToken getToken(HttpServletRequest request) throws IOExce
for (Cookie cookie : cookies) { for (Cookie cookie : cookies) {
if (cookie.getName().equals(AuthenticatedURL.AUTH_COOKIE)) { if (cookie.getName().equals(AuthenticatedURL.AUTH_COOKIE)) {
tokenStr = cookie.getValue(); tokenStr = cookie.getValue();
if (tokenStr.isEmpty()) {
throw new AuthenticationException("Unauthorized access");
}
try { try {
tokenStr = signer.verifyAndExtract(tokenStr); tokenStr = signer.verifyAndExtract(tokenStr);
} catch (SignerException ex) { } catch (SignerException ex) {