anshumg commented on a change in pull request #75: URL: https://github.com/apache/solr/pull/75#discussion_r612830144
########## File path: solr/core/src/java/org/apache/solr/security/PKIAuthenticationPlugin.java ########## @@ -84,46 +84,40 @@ public void init(Map<String, Object> pluginConfig) { @SuppressForbidden(reason = "Needs currentTimeMillis to compare against time in header") @Override public boolean doAuthenticate(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws Exception { + // Getting the received time must be the first thing we do, processing the request can take time + long receivedTime = System.currentTimeMillis(); String requestURI = request.getRequestURI(); if (requestURI.endsWith(PublicKeyHandler.PATH)) { + assert false : "Should already be handled by SolrDispatchFilter.authenticateRequest"; Review comment: do we need this here? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For additional commands, e-mail: issues-h...@solr.apache.org