Myroslav Papirkovskyi created AMBARI-17158:
----------------------------------------------
Summary: Wrong username being returned in from
ViewContextImpl.getUsername() and ViewContextImpl.getLoggedinUser()
Key: AMBARI-17158
URL: https://issues.apache.org/jira/browse/AMBARI-17158
Project: Ambari
Issue Type: Bug
Components: ambari-server
Affects Versions: 2.4.0
Reporter: Myroslav Papirkovskyi
Assignee: Myroslav Papirkovskyi
Priority: Blocker
Fix For: 2.4.0
Recently in 2.4.0.0 builds we are seeing that ViewContextImpl.getUsername() and
ViewContextImpl.getLoggedinUser() are returning username as
{noformat}[LOCAL]admin{noformat} when the user is admin.
I traced a bit and checked that in SecurityHelperImpl#getCurrentUserName()
{code:java}
@Override
public String getCurrentUserName() {
SecurityContext ctx = SecurityContextHolder.getContext();
Authentication authentication = ctx == null ? null : ctx.getAuthentication();
Object principal = authentication == null ? null :
authentication.getPrincipal();
String username;
if (principal instanceof UserDetails) {
username = ((UserDetails) principal).getUsername();
} else {
username = principal == null ? "" : principal.toString();
}
return username;
}
{code}
The principal object is coming as
org.apache.ambari.server.security.authorization.User and hence condition in the
if statement is returning false and thus the username is returned as
{noformat}[[LOCAL]]admin{noformat}.
org.apache.ambari.server.security.authorization.User#toString()
{code:java}
@Override
public String toString() {
return "[" + getUserType() + "]" + userName;
}
{code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
