Details
-
Bug
-
Status: Resolved
-
Low
-
Resolution: Fixed
-
None
-
Low
Description
Currently cli sets default username and password if none are set (in CliOptions.processArgs). Because of this cli will always authenticate, whether or not this was the intent of the user and CliMain.connect() "if ((sessionState.username != null) && (sessionState.password != null))" condition will always be true.
This breaks authentication in at least two scenarios:
1. Authenticator allows anonymous access and a user wants to login anonymously - instead he will get AuthenticationException because user "default" will most likely not exist.
2. Authenticator doesn't user username/password pairs for login but something like Kerberos instead. Thrift's login with u:default, p:"" will still be called and AuthenticationException will be thrown, again.