Apache
/
hadoop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

HADOOP-13580. If user is unauthorized, log "unauthorized" instead of "Invalid signed text:". Contributed by Wei-Chiu Chuang.

This commit is contained in:
Wei-Chiu Chuang 2016-09-16 14:53:09 -07:00
parent cd099a63d5
commit f6f3a447bf
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
View File

@ -438,6 +438,9 @@ public class AuthenticationFilter implements Filter {
for (Cookie cookie : cookies) { for (Cookie cookie : cookies) {
if (cookie.getName().equals(AuthenticatedURL.AUTH_COOKIE)) { if (cookie.getName().equals(AuthenticatedURL.AUTH_COOKIE)) {
tokenStr = cookie.getValue(); tokenStr = cookie.getValue();
if (tokenStr.isEmpty()) {
throw new AuthenticationException("Unauthorized access");
}
try { try {
tokenStr = signer.verifyAndExtract(tokenStr); tokenStr = signer.verifyAndExtract(tokenStr);
} catch (SignerException ex) { } catch (SignerException ex) {