Actions
Issue #1054
closedpulp repoauth checking should be OR'd across plugins, not ANDed
Status:
CLOSED - WONTFIX
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
Platform Release:
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
Sprint:
Quarter:
Description
The pulp repoauth plugin loop currently has the following code:
# loop through authenticators. If any return False, kick the user out.
for auth_method in authenticators:
if not authenticators[auth_method](environ):
return False
This should instead loop through each authenticator, and if one returns True, let the user in. This is more in-line with what developers expect to occur, and avoids issues with one auth plugin blocking another.
Note that another issue will be put in to allow enabling/disabling individual auth plugins based on a single config file. Currently you can only disable authentication entirely but not at a granular level.
Actions