Github user Ethanlm commented on the issue:
https://github.com/apache/storm/pull/2421
A test:
Original:
```
C02T72WRG8WL-lm:~ ethanli$ curl -i --negotiate -u:anyUser -b
~/cookiejar.txt -c ~/cookiejar.txt
http://persistmist.corp.ne1.yahoo.com:8080/api/v1/cluster/summary
HTTP/1.1 500 Server Error
Date: Tue, 14 Nov 2017 21:42:44 GMT
Cache-Control: no-cache, no-store
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers,
Access-Controler-Allow-Origin, X-Requested-By, X-Csrf-Token, Authorization,
X-Requested-With
Content-Type: application/json;charset=utf-8
Content-Length: 4908
Server: Jetty(9.4.7.v20170914)
{"error":"Internal Server
Error","errorMessage":"AuthorizationException(msg:UI request 'getClusterInfo'
for '[email protected]' user is not authorized).....(omitted)
```
With this patch:
```
C02T72WRG8WL-lm:~ ethanli$ curl -i --negotiate -u:anyUser -b
~/cookiejar.txt -c ~/cookiejar.txt
http://persistmist.corp.ne1.yahoo.com:8080/api/v1/cluster/summary
HTTP/1.1 403 Forbidden
Date: Tue, 14 Nov 2017 21:39:21 GMT
Cache-Control: no-cache, no-store
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers,
Access-Controler-Allow-Origin, X-Requested-By, X-Csrf-Token, Authorization,
X-Requested-With
Content-Type: application/json;charset=utf-8
Content-Length: 4908
Server: Jetty(9.4.7.v20170914)
{"error":"Internal Server
Error","errorMessage":"AuthorizationException(msg:UI request 'getClusterInfo'
for '[email protected]' user is not authorized).....(omitted)
```
---
