You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@airflow.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2018/12/28 04:43:00 UTC

[jira] [Commented] (AIRFLOW-3298) Webserver with ldap is not robust to changes in underlying database

    [ https://issues.apache.org/jira/browse/AIRFLOW-3298?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16730035#comment-16730035 ] 

ASF GitHub Bot commented on AIRFLOW-3298:
-----------------------------------------

stale[bot] commented on pull request #4132: [AIRFLOW-3298] Return None if user not found in session.
URL: https://github.com/apache/incubator-airflow/pull/4132
 
 
   
 
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


> Webserver with ldap is not robust to changes in underlying database
> -------------------------------------------------------------------
>
>                 Key: AIRFLOW-3298
>                 URL: https://issues.apache.org/jira/browse/AIRFLOW-3298
>             Project: Apache Airflow
>          Issue Type: Bug
>          Components: authentication
>    Affects Versions: 1.10.0
>            Reporter: Brad Holmes
>            Assignee: Brad Holmes
>            Priority: Major
>
> When a user-id is stored in the web-browser, and the underlying database changes so that the user-id is invalid, the webserver gets stuck, and throws an exception as it tries to use {{None}} as an object, and find the {{username}}.
> The problem is in {{load_user}} or {{ldap_auth.py}}:
> {code}
> def load_user(userid, session=None):
>     log.debug("Loading user %s", userid)
>     if not userid or userid == 'None':
>         return None
>     user = session.query(models.User).filter(models.User.id == int(userid)).first()
>     return LdapUser(user)
> {code}
> {{LdapUser}} must not be constructed with {{user=None}}.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)