honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
OpenSearch/elasticsearch
History
jaymode 95a8f77146 shield: do not throw exception if authorization header is not a basic token 
Custom realms may enable the use of other authorization schemes than just basic authentication
and these schemes should work in addition to our built in realms. However, our built in realms use
the UsernamePasswordToken class to parse the Authorization header, which had a check to ensure
the token was for basic authentication and if not, an exception was thrown. The throwing of the
exception stops the authentication process and prevents custom realms from evaluating the header
if they come later in the ordering of realms.

This change removes the throwing of the exception unless the header starts with 'Basic ' and is invalid.

Original commit: elastic/x-pack-elasticsearch@fd438ded95
 		2016-02-11 09:59:35 -05:00
..
license Checkstyle: Adhere to checkstyle in all xpack .java files 2016-02-05 16:57:41 +01:00
qa Refactoring for 5.0 - phase 4 2016-02-10 11:15:35 +01:00
x-dev-tools Shield refactoring for 5.0 - phase 3 2016-02-09 16:06:49 +01:00
x-pack shield: do not throw exception if authorization header is not a basic token 2016-02-11 09:59:35 -05:00
build.gradle Change path separator for Checkstyle suppressions to be Windows compatible 2016-02-05 12:15:47 +01:00
checkstyle_suppressions.xml Remove suppression and implement hashCode 2016-02-09 21:49:13 -05:00