[
https://issues.apache.org/jira/browse/HADOOP-10193?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13923076#comment-13923076
]
Alejandro Abdelnur commented on HADOOP-10193:
---------------------------------------------
The pseudo mode was done to handle programmatic user name injection via the
AuthenticatedURL, for web services when kerberos is not enabled. WebHCat could
use its own version of the PseudoAuthenticationHandler that picks the user name
from the encoded form. Note that this will not work if the authentication or
WebHCat is done by a proxy processing the post (that is what this bug fixes for
web services).
> hadoop-auth's PseudoAuthenticationHandler can consume getInputStream
> --------------------------------------------------------------------
>
> Key: HADOOP-10193
> URL: https://issues.apache.org/jira/browse/HADOOP-10193
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Reporter: Gregory Chanan
> Assignee: Gregory Chanan
> Priority: Minor
> Fix For: 2.3.0
>
> Attachments: HADOOP-10193.patch, HADOOP-10193v2.patch
>
>
> I'm trying to use the AuthenticationFilter in front of Apache Solr. The
> issue I'm running into is that the PseudoAuthenticationHandler calls
> ServletRequest.getParameter which affects future calls to
> ServletRequest.getInputStream. I.e. from the javadoc:
> {code}
> If the parameter data was sent in the request body, such as occurs with an
> HTTP POST request, then reading the body directly via getInputStream() or
> getReader() can interfere with the execution of this method.
> {code}
> Solr calls getInputStream after the filter and errors result.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
