You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficcontrol.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2017/08/09 17:35:00 UTC
[jira] [Commented] (TC-505) LDAP only users are greeted with a 404
for all UI / API routes
[ https://issues.apache.org/jira/browse/TC-505?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16120322#comment-16120322 ]
ASF GitHub Bot commented on TC-505:
-----------------------------------
GitHub user mitchell852 opened a pull request:
https://github.com/apache/incubator-trafficcontrol/pull/793
[TC-505] - throws 403 (rather than 404) if user is ldap-only (has no user entry …
…in tm_user table)
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/mitchell852/incubator-trafficcontrol tc-505-ldap-only-403
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/incubator-trafficcontrol/pull/793.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #793
----
commit bff78e0e6f96acad1341bb449e119846d187be2d
Author: Jeremy Mitchell <mi...@gmail.com>
Date: 2017-08-09T17:33:21Z
throws 403 (rather than 404) if user is ldap-only (has no user entry in tm_user table)
----
> LDAP only users are greeted with a 404 for all UI / API routes
> --------------------------------------------------------------
>
> Key: TC-505
> URL: https://issues.apache.org/jira/browse/TC-505
> Project: Traffic Control
> Issue Type: Bug
> Components: Traffic Ops, Traffic Ops API
> Affects Versions: 2.1.0
> Reporter: Jeremy Mitchell
> Assignee: Jeremy Mitchell
> Priority: Critical
>
> This is because not_ldap => 1 was added to all routes via this PR:
> https://github.com/apache/incubator-trafficcontrol/pull/627
> which results in a 404 for all UI / API routes if you don't have a user entry in the tm_user table.
> Rather than 404, if you login as ldap-only, you should get a 403 (forbidden) with a nice message about what you should do.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)