diff --git a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java index 0a9b8b5b7c..5262fdc778 100644 --- a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java +++ b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java @@ -438,6 +438,9 @@ protected AuthenticationToken getToken(HttpServletRequest request) throws IOExce for (Cookie cookie : cookies) { if (cookie.getName().equals(AuthenticatedURL.AUTH_COOKIE)) { tokenStr = cookie.getValue(); + if (tokenStr.isEmpty()) { + throw new AuthenticationException("Unauthorized access"); + } try { tokenStr = signer.verifyAndExtract(tokenStr); } catch (SignerException ex) {