Home Explore Help
Register Sign In
apache
/
hadoop
mirror of https://github.com/apache/hadoop.git
2
0
Fork 1
Files Issues 0 Wiki
Browse Source

HADOOP-13580. If user is unauthorized, log "unauthorized" instead of "Invalid signed text:". Contributed by Wei-Chiu Chuang.

(cherry picked from commit f6f3a447bf3b2900a2e9a0615ad9877f9310e062)
Wei-Chiu Chuang 8 years ago
parent
40089eadf5
commit
031d5f6c5b
1 changed files with 3 additions and 0 deletions
Split View Show Diff Stats
  1. 3 0
      hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java

+ 3 - 0
hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
View File 

@@ -438,6 +438,9 @@ public class AuthenticationFilter implements Filter {
 
       for (Cookie cookie : cookies) {
 
         if (cookie.getName().equals(AuthenticatedURL.AUTH_COOKIE)) {
 
           tokenStr = cookie.getValue();
 
+          if (tokenStr.isEmpty()) {
 
+            throw new AuthenticationException("Unauthorized access");
 
+          }
 
           try {
 
             tokenStr = signer.verifyAndExtract(tokenStr);
 
           } catch (SignerException ex) {