HADOOP-8355. SPNEGO filter throws/logs exception when authentication fails (tucu)

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1333746 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Alejandro Abdelnur 2012-05-04 03:13:37 +00:00
parent af66607406
commit a7993ef5e8
2 changed files with 10 additions and 5 deletions

View File

@ -327,6 +327,8 @@ protected AuthenticationToken getToken(HttpServletRequest request) throws IOExce
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)
throws IOException, ServletException {
boolean unauthorizedResponse = true;
String unauthorizedMsg = "";
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
try {
@ -350,6 +352,7 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
newToken = true;
}
if (token != null) {
unauthorizedResponse = false;
if (LOG.isDebugEnabled()) {
LOG.debug("Request [{}] user [{}] authenticated", getRequestURL(httpRequest), token.getUserName());
}
@ -378,17 +381,17 @@ public Principal getUserPrincipal() {
}
filterChain.doFilter(httpRequest, httpResponse);
}
else {
throw new AuthenticationException("Missing AuthenticationToken");
}
} catch (AuthenticationException ex) {
unauthorizedMsg = ex.toString();
LOG.warn("Authentication exception: " + ex.getMessage(), ex);
}
if (unauthorizedResponse) {
if (!httpResponse.isCommitted()) {
Cookie cookie = createCookie("");
cookie.setMaxAge(0);
httpResponse.addCookie(cookie);
httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, ex.getMessage());
httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, unauthorizedMsg);
}
LOG.warn("Authentication exception: " + ex.getMessage(), ex);
}
}

View File

@ -418,6 +418,8 @@ Release 2.0.0 - UNRELEASED
HADOOP-8346. Makes oid changes to make SPNEGO work. Was broken due
to fixes introduced by the IBM JDK compatibility patch. (ddas)
HADOOP-8355. SPNEGO filter throws/logs exception when authentication fails (tucu)
BREAKDOWN OF HADOOP-7454 SUBTASKS
HADOOP-7455. HA: Introduce HA Service Protocol Interface. (suresh)