Bug #28860

Wrong Error Message/Return code getting after exceeding the 'failed_login_attempts_limit'

Added by Tomer Brisker 8 months ago. Updated 7 months ago.

Status: Closed
Priority: Normal
Category: Authentication
Target version: -

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1778599

Description of problem:
Wrong Error Message/Return code (Internal server error) getting after exceeding the 'failed_login_attempts_limit'

Version-Release number of selected component (if applicable):

How reproducible:
Always

Steps to Reproduce:
[root@satellite]# hammer -u admin -p changeme settings set --name failed_login_attempts_limit --value 5

Setting [failed_login_attempts_limit] updated to [5].
[root@satellite ~]# for i in 1 2 3 4 5; do hammer -u admin -p WRONG_PASS user list; done
Unable to authenticate user admin
Unable to authenticate user admin
Unable to authenticate user admin
Unable to authenticate user admin
Unable to authenticate user admin

[root@satellite ~]# hammer -u admin -p changeme user list
undefined local variable or method `logger' for #<Foreman::BruteforceProtection:0x00007f80b6979698>

Actual results:
Error Message is shown as 'undefined local variable or method `logger' for #<Foreman::BruteforceProtection:0x00007f80b6979698>' and error code is '70'

Expected results:
Error Message is Incorrect and Return code should be '129'


Related issues

Related to Foreman - Feature #26887: graphql login: count login failures as brute force attempts (Closed)

Associated revisions

Revision 91e0b35a (diff)
Added by Dominik Matoulek 8 months ago

Fixes #28860 - fixing bad logging of bruteforce

History

#1 Updated by Tomer Brisker 8 months ago

  • Subject changed from Wrong Error Message/Return code getting after exceeding the 'failed_login_attempts_limit' to Wrong Error Message/Return code getting after exceeding the 'failed_login_attempts_limit'

This doesn't only affect hammer but all methods. This was caused by refactoring in https://projects.theforeman.org/issues/26887
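
The failure mode reported in this ticket, as an added Ruby example that is not Foreman's code: a method moved into a plain class keeps calling a `logger` helper that only its old context supplied, and because the call sits in the lockout branch it fails only once the limit is reached. `MemoryLog`, `LoginLimiter`, `BrokenLimiter`, `exercise` and the client key are hypothetical names and constructed values.

```ruby
# Added illustration; hypothetical classes, not Foreman::BruteforceProtection.
MemoryLog = Struct.new(:lines) do
  def warn(msg)
    lines << msg
  end
end

class LoginLimiter
  def initialize(limit:, logger:)
    @limit = limit
    @logger = logger            # injected: a plain class has no implicit `logger`
    @failures = Hash.new(0)
  end

  def record_failure(key)
    @failures[key] += 1
  end

  def blocked?(key)
    return false if @failures[key] < @limit
    # Reached only after the limit is hit, so a bad logger reference
    # here stays hidden on every normal login.
    @logger.warn("login blocked for #{key} after #{@failures[key]} failures")
    true
  end
end

# Same branch as it looks after a refactoring that lost the `logger` helper.
class BrokenLimiter < LoginLimiter
  def blocked?(key)
    return false if @failures[key] < @limit
    logger.warn("login blocked for #{key}")   # NameError at runtime
    true
  end
end

# Drive a limiter to `attempts` failures, then ask whether the client is blocked.
# Returns [result, log lines], or [:internal_error, message] when the check crashes.
def exercise(klass, attempts, key = '203.0.113.7') # constructed sample address
  log = MemoryLog.new([])
  limiter = klass.new(limit: 5, logger: log)
  attempts.times { limiter.record_failure(key) }
  [limiter.blocked?(key), log.lines]
rescue NameError => e
  [:internal_error, e.message]
end
```

A regression test that drives the limiter past its limit is what catches the broken variant; a test that stops at four failures passes for both classes.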

#2 Updated by Tomer Brisker 8 months ago

  • Difficulty set to trivial

#3 Updated by Tomer Brisker 8 months ago

  • Related to Feature #26887: graphql login: count login failures as brute force attempts added

#4 Updated by Dominik Matoulek 8 months ago

  • Assignee set to Dominik Matoulek

#5 Updated by The Foreman Bot 8 months ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/7405 added

#6 Updated by The Foreman Bot 8 months ago

  • Fixed in Releases 2.0.0 added

#7 Updated by Dominik Matoulek 8 months ago

  • Status changed from Ready For Testing to Closed

#8 Updated by The Foreman Bot 8 months ago

  • Pull request https://github.com/theforeman/foreman/pull/7423 added

#9 Updated by The Foreman Bot 8 months ago

  • Pull request https://github.com/theforeman/foreman/pull/7424 added

#10 Updated by Tomer Brisker 8 months ago

  • Fixed in Releases 1.23.2, 1.24.3 added

#11 Updated by Tomer Brisker 7 months ago

  • Subject changed from Wrong Error Message/Return code getting after exceeding the 'failed_login_attempts_limit' to Wrong Error Message/Return code getting after exceeding the 'failed_login_attempts_limit'
