12 年前 · 4b27351435
--- a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
+++ b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
@@ -158,7 +158,7 @@ public class KerberosAuthenticator implements Authenticator {
 
				       conn.setRequestMethod(AUTH_HTTP_METHOD);
			
 
				       conn.connect();
			
 
				       
			
 
				-      if (conn.getResponseCode() == HttpURLConnection.HTTP_OK) {
			
 
				+      if (conn.getRequestProperty(AUTHORIZATION) != null && conn.getResponseCode() == HttpURLConnection.HTTP_OK) {
			
 
				         LOG.debug("JDK performed authentication on our behalf.");
			
 
				         // If the JDK already did the SPNEGO back-and-forth for
			
 
				         // us, just pull out the token.
			
--- a/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/AuthenticatorTestCase.java
+++ b/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/AuthenticatorTestCase.java
@@ -134,9 +134,11 @@ public abstract class AuthenticatorTestCase extends TestCase {
 
				     try {
			
 
				       URL url = new URL(getBaseURL());
			
 
				       AuthenticatedURL.Token token = new AuthenticatedURL.Token();
			
 
				+      Assert.assertFalse(token.isSet());
			
 
				       TestConnectionConfigurator connConf = new TestConnectionConfigurator();
			
 
				       AuthenticatedURL aUrl = new AuthenticatedURL(authenticator, connConf);
			
 
				       HttpURLConnection conn = aUrl.openConnection(url, token);
			
 
				+      Assert.assertTrue(token.isSet());
			
 
				       Assert.assertTrue(connConf.invoked);
			
 
				       String tokenStr = token.toString();
			
 
				       if (doPost) {
			
--- a/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestKerberosAuthenticator.java
+++ b/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestKerberosAuthenticator.java
@@ -43,6 +43,14 @@ public class TestKerberosAuthenticator extends AuthenticatorTestCase {
 
				     _testAuthentication(new KerberosAuthenticator(), false);
			
 
				   }
			
 
				 
			
 
				+  public void testFallbacktoPseudoAuthenticatorAnonymous() throws Exception {
			
 
				+    Properties props = new Properties();
			
 
				+    props.setProperty(AuthenticationFilter.AUTH_TYPE, "simple");
			
 
				+    props.setProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED, "true");
			
 
				+    setAuthenticationHandlerConfig(props);
			
 
				+    _testAuthentication(new KerberosAuthenticator(), false);
			
 
				+  }
			
 
				+
			
 
				   public void testNotAuthenticated() throws Exception {
			
 
				     setAuthenticationHandlerConfig(getAuthenticationHandlerConfiguration());
			
 
				     start();
			
--- a/hadoop-common-project/hadoop-common/CHANGES.txt
+++ b/hadoop-common-project/hadoop-common/CHANGES.txt
@@ -84,6 +84,8 @@ Release 2.0.3-alpha - Unreleased
 
				     HADOOP-8901. GZip and Snappy support may not work without unversioned
			
 
				     libraries (Colin Patrick McCabe via todd)
			
 
				 
			
 
				+    HADOOP-8883. Anonymous fallback in KerberosAuthenticator is broken. (rkanter via tucu)
			
 
				+
			
 
				 Release 2.0.2-alpha - 2012-09-07 
			
 
				 
			
 
				   INCOMPATIBLE CHANGES