Project

General

Profile

Bug #1771

HTTP_authentication does not work for forms

Added by Romain Vrignaud about 10 years ago. Updated over 9 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Authentication
Target version:
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:

Description

When I use authorize_login_delegation, I'm never redirected to /users/login
but when I try to use auto_complete_search, I get a 401

See in logs :

Started GET "/hosts/auto_complete_search?search=" for 192.168.200.117 at Mon Jul 23 11:08:50 +0200 2012
Processing by HostsController#auto_complete_search as JSON
Parameters: {"search"=>""}
Completed 401 Unauthorized in 2ms

And I have a box in my browser with message :
"A username and password are being requested by http://foreman.example.com. The site says: "Application""


Related issues

Related to Foreman - Feature #1820: Authenticate API calls via REMOTE_USER too Closed2012-08-13

History

#1 Updated by Romain Vrignaud about 10 years ago

Logs with debug mode :

Started GET "/hosts/auto_complete_search?search=" for 192.168.200.117 at Mon Jul 23 11:16:35 +0200 2012
Processing by HostsController#auto_complete_search as JSON
Parameters: {"search"=>""}
Setting Load (0.5ms) SELECT `settings`.* FROM `settings` WHERE `settings`.`name` = 'authorize_login_delegation' ORDER BY LOWER LIMIT 1
CACHE (0.0ms) SELECT `settings`.* FROM `settings` WHERE `settings`.`name` = 'authorize_login_delegation' ORDER BY LOWER LIMIT 1
Completed 401 Unauthorized in 123ms

#2 Updated by Romain Vrignaud over 9 years ago

  • Assignee deleted (Ohad Levy)
  • Target version set to Bug scrub

#3 Updated by Joseph Magen over 9 years ago

  • Status changed from New to Assigned
  • Assignee set to Joseph Magen

#4 Updated by Joseph Magen over 9 years ago

  • Status changed from Assigned to Need more information
  • Assignee deleted (Joseph Magen)

I could not duplicate

#5 Updated by Ohad Levy over 9 years ago

You need to setup apache with REMOTE_USER header (authentication delegation).

#6 Updated by Romain Vrignaud over 9 years ago

To be clear : the websso is working : I'm authenticated with
authorize_login_delegation and Foreman find my user.
However the only thing is when I clear my browser cache,
I get asked just once at the precise instant when I click on
search tab with a HTTP authentication window (not /users/login).

In the log I get a 401 Unauthorized if I don't log myself

#7 Updated by Romain Vrignaud over 9 years ago

  • Status changed from Need more information to Closed

This has been fixed in develop with the setting : authorize_login_delegation_api

Also available in: Atom PDF