HADOOP-13580. If user is unauthorized, log "unauthorized" instead of "Invalid signed text:". Contributed by Wei-Chiu Chuang.
This commit is contained in:
parent
cd099a63d5
commit
f6f3a447bf
@ -438,6 +438,9 @@ protected AuthenticationToken getToken(HttpServletRequest request) throws IOExce
|
|||||||
for (Cookie cookie : cookies) {
|
for (Cookie cookie : cookies) {
|
||||||
if (cookie.getName().equals(AuthenticatedURL.AUTH_COOKIE)) {
|
if (cookie.getName().equals(AuthenticatedURL.AUTH_COOKIE)) {
|
||||||
tokenStr = cookie.getValue();
|
tokenStr = cookie.getValue();
|
||||||
|
if (tokenStr.isEmpty()) {
|
||||||
|
throw new AuthenticationException("Unauthorized access");
|
||||||
|
}
|
||||||
try {
|
try {
|
||||||
tokenStr = signer.verifyAndExtract(tokenStr);
|
tokenStr = signer.verifyAndExtract(tokenStr);
|
||||||
} catch (SignerException ex) {
|
} catch (SignerException ex) {
|
||||||
|
Loading…
Reference in New Issue
Block a user