Skip to content

PKIAuthenticationPlugin: handle non-base64 SolrAuthV2 signature#4553

Open
janhoy wants to merge 2 commits into
apache:mainfrom
janhoy:pki-v2-header-base64-fix
Open

PKIAuthenticationPlugin: handle non-base64 SolrAuthV2 signature#4553
janhoy wants to merge 2 commits into
apache:mainfrom
janhoy:pki-v2-header-base64-fix

Conversation

@janhoy

@janhoy janhoy commented Jun 26, 2026

Copy link
Copy Markdown
Contributor

Wrap the base64 decode of the signature token in decipherHeaderV2 in a try/catch so a malformed (non-base64) value returns null and results in a generic 401, instead of propagating an IllegalArgumentException that surfaces as a 500.

…fully

Wrap the base64 decode of the signature token in decipherHeaderV2 in a
try/catch so a malformed (non-base64) value returns null and results in a
generic 401, instead of propagating an IllegalArgumentException that surfaces
as a 500. Mirrors the existing NumberFormatException handling for the
timestamp parsing. Adds a regression test.
@janhoy janhoy requested review from dsmiley and gerlowskija June 27, 2026 20:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant