[trafficcontrol] branch 4.1.x updated: traffic router re-authentication on unauthorized (#5177) (#5205)

Tue, 27 Oct 2020 12:15:25 -0700 

This is an automated email from the ASF dual-hosted git repository.

rawlin pushed a commit to branch 4.1.x
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git


The following commit(s) were added to refs/heads/4.1.x by this push:
     new 5f73435  traffic router re-authentication on unauthorized (#5177) 
(#5205)
5f73435 is described below

commit 5f7343505b46e6ba4e93c83d58b1b2de0aebe13c
Author: Rawlin Peters <[email protected]>
AuthorDate: Tue Oct 27 13:11:49 2020 -0600

    traffic router re-authentication on unauthorized (#5177) (#5205)
    
    * traffic router re-authentication on unauthorized
    
    * Add Changelog entry
    
    Co-authored-by: nir-sopher <[email protected]>
    Co-authored-by: Steve Malenfant <[email protected]>
    (cherry picked from commit 542730b7352adc6a15ee9534eee69c372c48936b)
    
    Co-authored-by: Steve Malenfant <[email protected]>
---
 CHANGELOG.md                                                     | 1 +
 .../traffic_router/core/util/ProtectedFetcher.java               | 9 +++++++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5e7e813..a24b5fa 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -17,6 +17,7 @@ The format is based on [Keep a 
Changelog](http://keepachangelog.com/en/1.0.0/).
 - Fixed an issue that causes Traffic Router to mistakenly route to caches that 
had recently been set from ADMIN_DOWN to OFFLINE
 - Traffic Ops Ort: Disabled ntpd verification (ntpd is deprecated in CentOS)
 - Fixed #5005: Traffic Monitor cannot be upgraded independently of Traffic Ops
+- Fixed an issue with Traffic Router failing to authenticate if secrets are 
changed
 
 ### Deprecated
 - Deprecated the `insecure` option in `traffic_ops_golang` in favor of 
`"tls_config": { "InsecureSkipVerify": <bool> }`
diff --git 
a/traffic_router/core/src/main/java/com/comcast/cdn/traffic_control/traffic_router/core/util/ProtectedFetcher.java
 
b/traffic_router/core/src/main/java/com/comcast/cdn/traffic_control/traffic_router/core/util/ProtectedFetcher.java
index 0edb429..65e34cc 100644
--- 
a/traffic_router/core/src/main/java/com/comcast/cdn/traffic_control/traffic_router/core/util/ProtectedFetcher.java
+++ 
b/traffic_router/core/src/main/java/com/comcast/cdn/traffic_control/traffic_router/core/util/ProtectedFetcher.java
@@ -32,10 +32,15 @@ public class ProtectedFetcher extends Fetcher {
 
        @Override
        protected HttpURLConnection getConnection(final String url, final 
String data, final String method, final long lastFetchedTime) throws 
IOException {
-               if (!isCookieValid()) {
-                       
extractCookie(super.getConnection(getAuthorizationEndpoint(), getData(), 
POST_STR, 0L));
+
+               if (isCookieValid()) {
+                       final HttpURLConnection connection = 
extractCookie(super.getConnection(url, data, method, lastFetchedTime));
+                       if (connection.getResponseCode() != 
HttpURLConnection.HTTP_UNAUTHORIZED) {
+                               return connection;
+                       }
                }
 
+               extractCookie(super.getConnection(getAuthorizationEndpoint(), 
getData(), POST_STR, 0L));
                return extractCookie(super.getConnection(url, data, method, 
lastFetchedTime));
        }

Reply via email to