Fixed a bug in anonymous user via REST

The resolved anonymous user was not added to the REST request context. This resulted in that when the request was "translated" to a transport request, the fallback was the `system user`. The commit fixes that. Original commit: elastic/x-pack-elasticsearch@acea6becf1
2015-03-05 21:05:15 +01:00 · 2015-03-05 21:05:15 +01:00 · a977bb404f
parent f0f4973ac3
commit a977bb404f
2 changed files with 7 additions and 0 deletions
--- a/src/main/java/org/elasticsearch/shield/authc/InternalAuthenticationService.java
+++ b/src/main/java/org/elasticsearch/shield/authc/InternalAuthenticationService.java
@ -56,6 +56,9 @@ public class InternalAuthenticationService extends AbstractComponent implements
        AuthenticationToken token = token(request);
        if (token == null) {
            if (anonymouseUser != null) {
+                // we must put the user in the request context, so it'll be copied to the
+                // transport request - without it, the transport will assume system user
+                request.putInContext(USER_KEY, anonymouseUser);
                return anonymouseUser;
            }
            auditTrail.anonymousAccessDenied(request);
@ -65,6 +68,8 @@ public class InternalAuthenticationService extends AbstractComponent implements
        if (user == null) {
            throw new AuthenticationException("unable to authenticate user [" + token.principal() + "] for REST request [" + request.uri() + "]");
        }
+        // we must put the user in the request context, so it'll be copied to the
+        // transport request - without it, the transport will assume system user
        request.putInContext(USER_KEY, user);
        return user;
    }
--- a/src/test/java/org/elasticsearch/shield/authc/InternalAuthenticationServiceTests.java
+++ b/src/test/java/org/elasticsearch/shield/authc/InternalAuthenticationServiceTests.java
@ -443,6 +443,8 @@ public class InternalAuthenticationServiceTests extends ElasticsearchTestCase {
        RestRequest request = new InternalRestRequest();

        User user = service.authenticate(request);
+        assertThat(request.getFromContext(InternalAuthenticationService.USER_KEY), notNullValue());
+        assertThat(request.getFromContext(InternalAuthenticationService.USER_KEY), sameInstance((Object) user));
        assertThat(user, notNullValue());
        assertThat(user.principal(), equalTo(username));
        assertThat(user.roles(), arrayContainingInAnyOrder("r1", "r2", "r3"));