[
https://issues.apache.org/jira/browse/HADOOP-10193?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13923049#comment-13923049
]
Alejandro Abdelnur commented on HADOOP-10193:
---------------------------------------------
[~eugene.koifman], in the case of POSTs, the {user.name} param should still be
in the query string of the requested URL.
> hadoop-auth's PseudoAuthenticationHandler can consume getInputStream
> --------------------------------------------------------------------
>
> Key: HADOOP-10193
> URL: https://issues.apache.org/jira/browse/HADOOP-10193
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Reporter: Gregory Chanan
> Assignee: Gregory Chanan
> Priority: Minor
> Fix For: 2.3.0
>
> Attachments: HADOOP-10193.patch, HADOOP-10193v2.patch
>
>
> I'm trying to use the AuthenticationFilter in front of Apache Solr. The
> issue I'm running into is that the PseudoAuthenticationHandler calls
> ServletRequest.getParameter which affects future calls to
> ServletRequest.getInputStream. I.e. from the javadoc:
> {code}
> If the parameter data was sent in the request body, such as occurs with an
> HTTP POST request, then reading the body directly via getInputStream() or
> getReader() can interfere with the execution of this method.
> {code}
> Solr calls getInputStream after the filter and errors result.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
