----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/49477/ -----------------------------------------------------------
Review request for sentry and Sravya Tirukkovalur. Repository: sentry Description ------- SENTRY-1378: Login fails for a secure Sentry Web UI When using SPNEGO the kerberos principal is of the form "HTTP/<hostname>@Domain . So the http request has the user HTTP . Now for the property sentry.service.web.authentication.allow.connect.users , we change the list to a lowercase and hence the doFilter method in SentryAuthFilter throws a Unauthorized user status code: 403 exception. We need to make the user in the http request to lower case to compare with set of users present in the property sentry.service.web.authentication.allow.connect.users. Diffs ----- sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryAuthFilter.java c1cfc1b7cd2bc3f6c74cbe95b9d7b0d58a208408 Diff: https://reviews.apache.org/r/49477/diff/ Testing ------- Tested on a 5.8 cluster, with 5.8 code build. Thanks, Rahul Sharma
