Marton Greber has posted comments on this change. ( http://gerrit.cloudera.org:8080/23153 )
Change subject: [webserver] Mapping Kerberos principals to local usernames ...................................................................... Patch Set 2: (2 comments) http://gerrit.cloudera.org:8080/#/c/23153/2/src/kudu/server/webserver.cc File src/kudu/server/webserver.cc: http://gerrit.cloudera.org:8080/#/c/23153/2/src/kudu/server/webserver.cc@609 PS2, Line 609: local_user There’s a bug here: if principal-to-local mapping fails, local_user becomes an empty string. Later in the code an empty user string triggers the fallback to the “default” user, which is not the desired behaviour after a mapping error. Instead, the handler should return HTTP 500 when principal mapping is unsuccessful. Please review MapPrincipalToLocalName for its negative test cases and add a unit test that exercises this new error-handling path. http://gerrit.cloudera.org:8080/#/c/23153/2/src/kudu/util/web_callback_registry.h File src/kudu/util/web_callback_registry.h: http://gerrit.cloudera.org:8080/#/c/23153/2/src/kudu/util/web_callback_registry.h@78 PS2, Line 78: // The authenticated principal, if any. nit: can you update the comment that now username refers to the MapPrincipalToLocalName result? -- To view, visit http://gerrit.cloudera.org:8080/23153 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: Ib25a7886c32cbbef35272cd5799ae84601335a34 Gerrit-Change-Number: 23153 Gerrit-PatchSet: 2 Gerrit-Owner: Gabriella Lotz <[email protected]> Gerrit-Reviewer: Gabriella Lotz <[email protected]> Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Marton Greber <[email protected]> Gerrit-Reviewer: Zoltan Chovan <[email protected]> Gerrit-Comment-Date: Thu, 17 Jul 2025 16:00:13 +0000 Gerrit-HasComments: Yes
