You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficcontrol.apache.org by ro...@apache.org on 2018/05/30 21:25:57 UTC
[incubator-trafficcontrol] branch master updated (24d960c ->
e83aa28)
This is an automated email from the ASF dual-hosted git repository.
rob pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-trafficcontrol.git.
from 24d960c Modification to use the LastModified date on a revalidation request.
new dc6fc45 correct login status codes and enhance ldap logging
new 5f2574c add access.log entry for login endpoint
new e83aa28 properly license ldap.v2 and ans1-ber.v1 dependencies
The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
LICENSE | 8 ++++++++
traffic_ops/traffic_ops_golang/auth/ldap.go | 6 ++++--
traffic_ops/traffic_ops_golang/auth/login.go | 8 +++++---
traffic_ops/traffic_ops_golang/routes.go | 2 +-
4 files changed, 18 insertions(+), 6 deletions(-)
--
To stop receiving notification emails like this one, please contact
rob@apache.org.
[incubator-trafficcontrol] 01/03: correct login status codes and
enhance ldap logging
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rob pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-trafficcontrol.git
commit dc6fc4507099f69eb31b16ccbc1aa29d66ec6a76
Author: Dylan Volz <Dy...@comcast.com>
AuthorDate: Wed May 23 15:03:36 2018 -0600
correct login status codes and enhance ldap logging
---
traffic_ops/traffic_ops_golang/auth/ldap.go | 6 ++++--
traffic_ops/traffic_ops_golang/auth/login.go | 8 +++++---
2 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/traffic_ops/traffic_ops_golang/auth/ldap.go b/traffic_ops/traffic_ops_golang/auth/ldap.go
index 9f8291c..bb89ace 100644
--- a/traffic_ops/traffic_ops_golang/auth/ldap.go
+++ b/traffic_ops/traffic_ops_golang/auth/ldap.go
@@ -98,8 +98,10 @@ func LookupUserDN(username string, cfg *config.ConfigLDAP) (string, bool, error)
return "", false, err
}
- if len(sr.Entries) != 1 {
- return "", false, errors.New("User does not exist or too many entries returned")
+ if len(sr.Entries) < 1 {
+ return "", false, errors.New("User does not exist")
+ } else if len(sr.Entries) > 1 {
+ return "", false, errors.New("too many user entries returned")
}
userDN := sr.Entries[0].DN
return userDN, true, nil
diff --git a/traffic_ops/traffic_ops_golang/auth/login.go b/traffic_ops/traffic_ops_golang/auth/login.go
index 6021593..ecc95bf 100644
--- a/traffic_ops/traffic_ops_golang/auth/login.go
+++ b/traffic_ops/traffic_ops_golang/auth/login.go
@@ -47,6 +47,7 @@ func LoginHandler(db *sqlx.DB, cfg config.Config) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
handleErrs := tc.GetHandleErrorsFunc(w, r)
defer r.Body.Close()
+ authenticated := false
form := passwordForm{}
if err := json.NewDecoder(r.Body).Decode(&form); err != nil {
handleErrs(http.StatusBadRequest, err)
@@ -60,7 +61,7 @@ func LoginHandler(db *sqlx.DB, cfg config.Config) http.HandlerFunc {
log.Errorf("error checking local user: %s\n", err.Error())
}
if userAllowed {
- authenticated, err := checkLocalUserPassword(form, db)
+ authenticated, err = checkLocalUserPassword(form, db)
if err != nil {
log.Errorf("error checking local user password: %s\n", err.Error())
}
@@ -81,7 +82,6 @@ func LoginHandler(db *sqlx.DB, cfg config.Config) http.HandlerFunc {
resp = struct {
tc.Alerts
}{tc.CreateAlerts(tc.SuccessLevel, "Successfully logged in.")}
-
} else {
resp = struct {
tc.Alerts
@@ -97,8 +97,10 @@ func LoginHandler(db *sqlx.DB, cfg config.Config) http.HandlerFunc {
handleErrs(http.StatusInternalServerError, err)
return
}
-
w.Header().Set(tc.ContentType, tc.ApplicationJson)
+ if !authenticated {
+ w.WriteHeader(http.StatusUnauthorized)
+ }
fmt.Fprintf(w, "%s", respBts)
}
}
--
To stop receiving notification emails like this one, please contact
rob@apache.org.
[incubator-trafficcontrol] 02/03: add access.log entry for login
endpoint
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rob pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-trafficcontrol.git
commit 5f2574cdf0350c85f7fa456a036be19fbe8cad76
Author: Dylan Volz <Dy...@comcast.com>
AuthorDate: Wed May 23 15:35:03 2018 -0600
add access.log entry for login endpoint
---
traffic_ops/traffic_ops_golang/routes.go | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/traffic_ops/traffic_ops_golang/routes.go b/traffic_ops/traffic_ops_golang/routes.go
index 693bc62..16f5f0b 100644
--- a/traffic_ops/traffic_ops_golang/routes.go
+++ b/traffic_ops/traffic_ops_golang/routes.go
@@ -128,7 +128,7 @@ func Routes(d ServerData) ([]Route, []RawRoute, http.Handler, error) {
{1.1, http.MethodGet, `hwinfo-wip/?(\.json)?$`, hwinfo.HWInfoHandler(d.DB), auth.PrivLevelReadOnly, Authenticated, nil},
//Login
- {1.2, http.MethodPost, `user/login/?$`, auth.LoginHandler(d.DB, d.Config), 0, NoAuth, nil}, {1.3, http.MethodPost, `user/login/?$`, auth.LoginHandler(d.DB, d.Config), 0, NoAuth, nil},
+ {1.2, http.MethodPost, `user/login/?$`, wrapAccessLog(d.Secrets[0], auth.LoginHandler(d.DB, d.Config)), 0, NoAuth, nil}, {1.3, http.MethodPost, `user/login/?$`, auth.LoginHandler(d.DB, d.Config), 0, NoAuth, nil},
//Parameter: CRUD
{1.1, http.MethodGet, `parameters/?(\.json)?$`, api.ReadHandler(parameter.GetRefType(), d.DB), auth.PrivLevelReadOnly, Authenticated, nil},
--
To stop receiving notification emails like this one, please contact
rob@apache.org.
[incubator-trafficcontrol] 03/03: properly license ldap.v2 and
ans1-ber.v1 dependencies
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rob pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-trafficcontrol.git
commit e83aa28cb85862554c6f68c9301bceade5c27826
Author: Dylan Volz <Dy...@comcast.com>
AuthorDate: Wed May 30 11:53:59 2018 -0600
properly license ldap.v2 and ans1-ber.v1 dependencies
---
LICENSE | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/LICENSE b/LICENSE
index 487b432..7601509 100644
--- a/LICENSE
+++ b/LICENSE
@@ -436,3 +436,11 @@ For the siphash component:
For the miekg/dns component:
@traffic_ops/traffic_ops_golang/vendor/github.com/miekg/dns/*
./licenses/BSD-miekg-dns
+
+The asn1-ber.v1 component is used under the MIT license:
+@traffic_ops/vendor/gopkg.in/asn1-ber.v1/*
+./traffic_ops/vendor/gopkg.in/asn1-ber.v1/LICENSE
+
+The ldap.v2 component is used under the MIT license:
+@traffic_ops/vendor/gopkg.in/ldap.v2/*
+./traffic_ops/vendor/gopkg.in/ldap.v2/LICENSE
--
To stop receiving notification emails like this one, please contact
rob@apache.org.