Issue #1079
closed
Wrong error message when performing operation without logging in
Description
Before I logged in I ran following command:
pulp-admin auth user create --login=brian --password=redhat
The response from the server was:
The specified user does not have permission to execute the given command
I also tried performing a basic repo create operation:
pulp-admin rpm repo create --repo-id blah
And I got the exact same result as above.
After I logged in I was able to perform both of the operations operation.
- Description updated (diff)
- Description updated (diff)
- Version changed from 2.7.0 Beta to 2.6 Beta
Do we have a way of determining if someone is logged in separately from if they have permission to execute a command?
On the server end, the REMOTE_USER environment variable will not be set for users who are not logged in. On a related note, it's funny that we call the command "logging in" because nothing gets logged - a client certificate is generated. So the difference between a "logged in" user and everyone else is the presence of a client certificate that identifies them. Once we have better authentication offerings, I think we can just say it as being the difference between REMOTE_USER being set by httpd or not.
The message displayed is generated by pulp-admin client. The message returned by the server looks like this when -u argument is not passed in:
"error_message": "Authentication with username None failed: invalid SSL certificate."
When -u is specified and the password is wrong, the following is returned by the server:
"error_message": "Authentication with username admin failed: invalid username or password"
In the short term we should at least show the user these messages instead of a generic message that is not correct in all cases.
In the long term, we have story #946 to develop a plan to better handle authentication and authorization. Comment related to this issue can be found here https://pulp.plan.io/issues/946#note-4
- Triaged changed from No to Yes
- Has duplicate Issue #2016: pulp-admin : The specified user does not have permission to execute the given command added
- Status changed from NEW to CLOSED - WONTFIX
Pulp 2 is approaching maintenance mode, and this Pulp 2 ticket is not being actively worked on. As such, it is being closed as WONTFIX. Pulp 2 is still accepting contributions though, so if you want to contribute a fix for this ticket, please reopen or comment on it. If you don't have permissions to reopen this ticket, or you want to discuss an issue, please reach out via the developer mailing list.
Also available in: Atom
PDF