AMBARI-22543. Log Search: backend should not return with 302 redirect if authentication fails (oleewere)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/0d7f6096 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/0d7f6096 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/0d7f6096 Branch: refs/heads/branch-3.0-perf Commit: 0d7f60961fba7c5706ef3d79a7d9507d097fab6e Parents: f6fd9b5 Author: Oliver Szabo <[email protected]> Authored: Wed Nov 29 14:08:00 2017 +0100 Committer: Oliver Szabo <[email protected]> Committed: Wed Nov 29 17:38:35 2017 +0100 ---------------------------------------------------------------------- .../filters/LogsearchAuthenticationEntryPoint.java | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/0d7f6096/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/web/filters/LogsearchAuthenticationEntryPoint.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/web/filters/LogsearchAuthenticationEntryPoint.java b/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/web/filters/LogsearchAuthenticationEntryPoint.java index 2fe5f7b..b1ceb3a 100644 --- a/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/web/filters/LogsearchAuthenticationEntryPoint.java +++ b/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/web/filters/LogsearchAuthenticationEntryPoint.java @@ -24,12 +24,13 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.log4j.Logger; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.security.core.AuthenticationException; import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint; public class LogsearchAuthenticationEntryPoint extends LoginUrlAuthenticationEntryPoint { - private static final Logger logger = Logger.getLogger(LogsearchAuthenticationEntryPoint.class); + private static final Logger logger = LoggerFactory.getLogger(LogsearchAuthenticationEntryPoint.class); public LogsearchAuthenticationEntryPoint(String loginFormUrl) { super(loginFormUrl); @@ -38,13 +39,7 @@ public class LogsearchAuthenticationEntryPoint extends LoginUrlAuthenticationEnt @Override public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException { - String ajaxRequestHeader = request.getHeader("X-Requested-With"); - if (ajaxRequestHeader != null && ajaxRequestHeader.equalsIgnoreCase("XMLHttpRequest")) { - logger.debug("AJAX request. Authentication required. Returning URL=" + request.getRequestURI()); - response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Session Timeout"); - } else { - logger.debug("Redirecting to login page :" + this.getLoginFormUrl()); - super.commence(request, response, authException); - } + logger.debug("Got 401 from request: {}", request.getRequestURI()); + response.sendError(HttpServletResponse.SC_UNAUTHORIZED); } }
