You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafficcontrol.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2017/08/09 17:35:00 UTC

[jira] [Commented] (TC-505) LDAP only users are greeted with a 404 for all UI / API routes

    [ https://issues.apache.org/jira/browse/TC-505?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16120322#comment-16120322 ] 

ASF GitHub Bot commented on TC-505:
-----------------------------------

GitHub user mitchell852 opened a pull request:

    https://github.com/apache/incubator-trafficcontrol/pull/793

    [TC-505] - throws 403 (rather than 404) if user is ldap-only (has no user entry …

    …in tm_user table)

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/mitchell852/incubator-trafficcontrol tc-505-ldap-only-403

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/incubator-trafficcontrol/pull/793.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #793
    
----
commit bff78e0e6f96acad1341bb449e119846d187be2d
Author: Jeremy Mitchell <mi...@gmail.com>
Date:   2017-08-09T17:33:21Z

    throws 403 (rather than 404) if user is ldap-only (has no user entry in tm_user table)

----


> LDAP only users are greeted with a 404 for all UI / API routes
> --------------------------------------------------------------
>
>                 Key: TC-505
>                 URL: https://issues.apache.org/jira/browse/TC-505
>             Project: Traffic Control
>          Issue Type: Bug
>          Components: Traffic Ops, Traffic Ops API
>    Affects Versions: 2.1.0
>            Reporter: Jeremy Mitchell
>            Assignee: Jeremy Mitchell
>            Priority: Critical
>
> This is because not_ldap => 1 was added to all routes via this PR:
> https://github.com/apache/incubator-trafficcontrol/pull/627
> which results in a 404 for all UI / API routes if you don't have a user entry in the tm_user table.
> Rather than 404, if you login as ldap-only, you should get a 403 (forbidden) with a nice message about what you should do.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)