Apache
/
nifi
mirror of https://github.com/apache/nifi.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

NIFI-655: 

- Ensuring the access token is not replicated when the user is already authenticated/authorized.
This commit is contained in:
Matt Gilman 2015-11-30 14:57:38 -05:00
parent a84e505bcd
commit c722b56335
1 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ApplicationResource.java
View File

@ -370,9 +370,6 @@ public abstract class ApplicationResource {
if (user != null) { if (user != null) {
// add the proxied user details // add the proxied user details
result.put(PROXIED_ENTITIES_CHAIN_HTTP_HEADER, ProxiedEntitiesUtils.buildProxiedEntitiesChainString(user)); result.put(PROXIED_ENTITIES_CHAIN_HTTP_HEADER, ProxiedEntitiesUtils.buildProxiedEntitiesChainString(user));
// remove the access token if present, since the user is already authenticated/authorized
result.remove(JwtAuthenticationFilter.AUTHORIZATION);
} }
// add the user's authorities (if any) to the headers // add the user's authorities (if any) to the headers
@ -385,9 +382,11 @@ public abstract class ApplicationResource {
// put serialized user details in header // put serialized user details in header
result.put(PROXIED_ENTITY_USER_DETAILS_HTTP_HEADER, hexEncodedUserDetails); result.put(PROXIED_ENTITY_USER_DETAILS_HTTP_HEADER, hexEncodedUserDetails);
// remove the access token if present, since the user is already authenticated/authorized
result.remove(JwtAuthenticationFilter.AUTHORIZATION);
} }
} }
} }
return result; return result;
} }