From f6f3a447bf3b2900a2e9a0615ad9877f9310e062 Mon Sep 17 00:00:00 2001 From: Wei-Chiu Chuang Date: Fri, 16 Sep 2016 14:53:09 -0700 Subject: [PATCH] HADOOP-13580. If user is unauthorized, log "unauthorized" instead of "Invalid signed text:". Contributed by Wei-Chiu Chuang. --- .../security/authentication/server/AuthenticationFilter.java | 3 +++ 1 file changed, 3 insertions(+) diff --git a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java index 0a9b8b5b7c..5262fdc778 100644 --- a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java +++ b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java @@ -438,6 +438,9 @@ protected AuthenticationToken getToken(HttpServletRequest request) throws IOExce for (Cookie cookie : cookies) { if (cookie.getName().equals(AuthenticatedURL.AUTH_COOKIE)) { tokenStr = cookie.getValue(); + if (tokenStr.isEmpty()) { + throw new AuthenticationException("Unauthorized access"); + } try { tokenStr = signer.verifyAndExtract(tokenStr); } catch (SignerException ex) {