svn commit: r926389 - /cassandra/trunk/src/java/org/apache/cassandra/auth/SimpleAuthenticator.java

Mon, 22 Mar 2010 16:11:44 -0700 

Author: eevans
Date: Mon Mar 22 23:11:19 2010
New Revision: 926389

URL: http://svn.apache.org/viewvc?rev=926389&view=rev
Log:
remove exception block

This exception block was trapping legit AuthorizationExceptions (raised
when no entry was found for the keyspace) and causing a RuntimeException
to be raised on the server instead of propagting back to the client.

Patch by eevans

Modified:
    cassandra/trunk/src/java/org/apache/cassandra/auth/SimpleAuthenticator.java

Modified: 
cassandra/trunk/src/java/org/apache/cassandra/auth/SimpleAuthenticator.java
URL: 
http://svn.apache.org/viewvc/cassandra/trunk/src/java/org/apache/cassandra/auth/SimpleAuthenticator.java?rev=926389&r1=926388&r2=926389&view=diff
==============================================================================
--- cassandra/trunk/src/java/org/apache/cassandra/auth/SimpleAuthenticator.java 
(original)
+++ cassandra/trunk/src/java/org/apache/cassandra/auth/SimpleAuthenticator.java 
Mon Mar 22 23:11:19 2010
@@ -131,8 +131,11 @@ public class SimpleAuthenticator impleme
             // given keyspace X, users A B and C can be authorized like this 
(separate their names with spaces):
             // X = A B C
             
-            // note we keep the message here and for other authorization 
problems exactly the same to prevent attackers from guessing what keyspaces are 
valid
-            if (null == props.getProperty(keyspace)) throw new 
AuthorizationException(authorizationErrorMessage(keyspace, username));
+            // note we keep the message here and for other authorization 
problems exactly the same to prevent attackers
+            // from guessing what keyspaces are valid
+            if (null == props.getProperty(keyspace))
+                throw new 
AuthorizationException(authorizationErrorMessage(keyspace, username));
+
             for (String allow : props.getProperty(keyspace).split(","))
             {
                 if (allow.equals(username)) authorized = AccessLevel.FULL;
@@ -146,10 +149,6 @@ public class SimpleAuthenticator impleme
         {
             throw new RuntimeException("Authorization table file given by 
property " + ACCESS_FILENAME_PROPERTY + " could not be opened: " + 
e.getMessage());
         }
-        catch (Exception e)
-        {
-            throw new RuntimeException("Unexpected authorization problem", e);
-        }
 
         if (authorized == AccessLevel.NONE) throw new 
AuthorizationException(authorizationErrorMessage(keyspace, username));

Reply via email to