Bug #3475
closed
When Foreman URL (/users/login) is used as ErrorDocument target, status is not preserved
Description
In the document http://projects.theforeman.org/projects/foreman/wiki/Foreman_and_mod_auth_kerb, configuration is shown which allows to configure mod_auth_kerb for Negotiate authentication for issue http://projects.theforeman.org/issues/3312.
However, the fallback configuration that I found working is a little bit cumbersome:
ErrorDocument 401 '<html><meta http-equiv="refresh" content="0; URL=/users/login"><body>Kerberos authentication did not pass.</body></html>'
It would be much better if we could use
ErrorDocument 401 /users/login
However, when the /users/login is served by Foreman's passenger, it does not preserve the 401 status, returning 200 instead. As a result, the Negotiation does not happen at all (and situation is the same when Basic authentication is configured). So that setup cannot be used.
Foreman shouldn't specify status (and force 200) if there already is one set in the response.
Updated by Jan Pazdziora almost 11 years ago
Filed pull request https://github.com/theforeman/foreman/pull/1253
Updated by Dominic Cleal almost 11 years ago
- Category set to Authentication
- Status changed from New to Ready For Testing
- Assignee set to Jan Pazdziora
- Target version set to 1.9.1
Updated by Anonymous almost 11 years ago
- Target version changed from 1.9.1 to 1.9.0
Updated by Dominic Cleal almost 11 years ago
- Translation missing: en.field_release set to 7
Updated by Jan Pazdziora almost 11 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset 5eb2fa6ec0997b31b95d413c64c6bc3b2cfe552e.
Updated by The Foreman Bot over 9 years ago
- Pull request https://github.com/theforeman/foreman/pull/2401 added
Updated by Dominic Cleal over 9 years ago
- Related to Bug #10586: When /users/login is used as ErrorDocument for 401 with status=401, it does not provide that status added