michaeljmarshall commented on code in PR #19519:
URL: https://github.com/apache/pulsar/pull/19519#discussion_r1106671416
##########
pulsar-broker/src/main/java/org/apache/pulsar/broker/service/ServerCnx.java:
##########
@@ -737,15 +737,15 @@ public void authChallengeSuccessCallback(AuthData
authChallenge,
// 2. an authentication refresh, in which case we need to
refresh authenticationData
AuthenticationState authState = useOriginalAuthState ?
originalAuthState : this.authState;
String newAuthRole = authState.getAuthRole();
+ AuthenticationDataSource newAuthDataSource =
authState.getAuthDataSource();
- // Refresh the auth data.
- this.authenticationData = authState.getAuthDataSource();
- if (log.isDebugEnabled()) {
- log.debug("[{}] Auth data refreshed for role={}",
remoteAddress, this.authRole);
- }
-
+ // Refresh the auth data and role.
if (!useOriginalAuthState) {
this.authRole = newAuthRole;
+ this.authenticationData = newAuthDataSource;
+ } else {
+ this.originalAuthData = newAuthDataSource;
+ this.originalPrincipal = newAuthRole;
Review Comment:
> Sure, but I'm doing this to fix the store of the authentication data
correctly, and make sense.
I think I was too focused on the end goal. Your solution is a good first
step because it corrects how we store the authentication data. I think we
should merge this before worrying about changing the whole paradigm.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
