Project

General

Profile

Bug #3475

When Foreman URL (/users/login) is used as ErrorDocument target, status is not preserved

Added by Jan Pazdziora about 7 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Authentication
Target version:
Difficulty:
Triaged:
Bugzilla link:
Fixed in Releases:
Found in Releases:

Description

In the document http://projects.theforeman.org/projects/foreman/wiki/Foreman_and_mod_auth_kerb, configuration is shown which allows to configure mod_auth_kerb for Negotiate authentication for issue http://projects.theforeman.org/issues/3312.

However, the fallback configuration that I found working is a little bit cumbersome:

ErrorDocument 401 '<html><meta http-equiv="refresh" content="0; URL=/users/login"><body>Kerberos authentication did not pass.</body></html>'

It would be much better if we could use

ErrorDocument 401 /users/login

However, when the /users/login is served by Foreman's passenger, it does not preserve the 401 status, returning 200 instead. As a result, the Negotiation does not happen at all (and situation is the same when Basic authentication is configured). So that setup cannot be used.

Foreman shouldn't specify status (and force 200) if there already is one set in the response.


Related issues

Related to Foreman - Bug #10586: When /users/login is used as ErrorDocument for 401 with status=401, it does not provide that statusClosed2015-05-22

Associated revisions

Revision 5eb2fa6e (diff)
Added by Jan Pazdziora over 6 years ago

fixes #3475 - make it possible to force the 401 status.

Revision 38f7e124 (diff)
Added by Jan Pazdziora over 6 years ago

fixes #3475 - make it possible to force the 401 status.

(cherry picked from commit 5eb2fa6ec0997b31b95d413c64c6bc3b2cfe552e)

History

#2 Updated by Dominic Cleal almost 7 years ago

  • Category set to Authentication
  • Status changed from New to Ready For Testing
  • Assignee set to Jan Pazdziora
  • Target version set to 1.9.1

#3 Updated by Dmitri Dolguikh almost 7 years ago

  • Target version changed from 1.9.1 to 1.9.0

#4 Updated by Dominic Cleal over 6 years ago

  • Legacy Backlogs Release (now unused) set to 7

#5 Updated by Jan Pazdziora over 6 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#6 Updated by The Foreman Bot over 5 years ago

  • Pull request https://github.com/theforeman/foreman/pull/2401 added

#7 Updated by Dominic Cleal over 5 years ago

  • Related to Bug #10586: When /users/login is used as ErrorDocument for 401 with status=401, it does not provide that status added

Also available in: Atom PDF