psalagnac commented on code in PR #4474: URL: https://github.com/apache/solr/pull/4474#discussion_r3589265315
########## changelog/unreleased/SOLR-18270-easy-fix-without-parametrization.yml: ########## @@ -0,0 +1,8 @@ +title: Update looked up attribute for SSL authentication +type: fixed +authors: + - name: Jean-Marie HEITZ + nick: heitzjm +links: + - name: SOLR-18270 + url: https://issues.apache.org/jira/projects/SOLR/issues/SOLR-18270 Review Comment: This link does not work well for me. Can you update it to the same as the PR description? ########## solr/core/src/java/org/apache/solr/security/CertAuthPlugin.java: ########## @@ -102,7 +104,10 @@ public boolean doAuthenticate( HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws Exception { X509Certificate[] certs = - (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate"); + (X509Certificate[]) request.getAttribute(CURRENT_REQUEST_ATTRIBUTE_NAME); + if (certs == null || certs.length == 0) { + certs=(X509Certificate[]) request.getAttribute(OLD_REQUEST_ATTRIBUTE_NAME); Review Comment: Do we still need to check the old name? My understanding is this name changed with new Jetty. I don't think we will ever go back to the other name. We are good with checking only the new name in 10+. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
