psalagnac commented on code in PR #4474:
URL: https://github.com/apache/solr/pull/4474#discussion_r3589265315


##########
changelog/unreleased/SOLR-18270-easy-fix-without-parametrization.yml:
##########
@@ -0,0 +1,8 @@
+title: Update looked up attribute for SSL authentication
+type: fixed
+authors:
+  - name: Jean-Marie HEITZ
+    nick: heitzjm
+links:
+  - name: SOLR-18270
+    url: https://issues.apache.org/jira/projects/SOLR/issues/SOLR-18270

Review Comment:
   This link does not work well for me.
   Can you update it to the same as the PR description?



##########
solr/core/src/java/org/apache/solr/security/CertAuthPlugin.java:
##########
@@ -102,7 +104,10 @@ public boolean doAuthenticate(
       HttpServletRequest request, HttpServletResponse response, FilterChain 
filterChain)
       throws Exception {
     X509Certificate[] certs =
-        (X509Certificate[]) 
request.getAttribute("javax.servlet.request.X509Certificate");
+        (X509Certificate[]) 
request.getAttribute(CURRENT_REQUEST_ATTRIBUTE_NAME);
+    if (certs == null || certs.length == 0) {
+      certs=(X509Certificate[]) 
request.getAttribute(OLD_REQUEST_ATTRIBUTE_NAME);

Review Comment:
   Do we still need to check the old name?
   My understanding is this name changed with new Jetty. I don't think we will 
ever go back to the other name. We are good with checking only the new name in 
10+.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to