Project

Profile

Help

Issue #558

Traceback is shown in admin.log if pulp-admin experiences an authentication failure

Added by igulina@redhat.com over 6 years ago. Updated over 2 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
2.5
Platform Release:
2.6.0
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
Sprint:
Quarter:

Description

Description of problem:
If pulp-admin is used without proper authentication, a traceback is logged on the .pulp/admin.log. Logging a failed authentication is perfectly reasonable, but logging a traceback is not. Remove the traceback and instead log a simple message about the failed authentication attempt, including the username attempted.

Version-Release number of selected component (if applicable):

rpm -qa | grep pulp-server

pulp-server-2.5.0-0.6.beta.fc20.noarch

How reproducible:
always

Steps to Reproduce:

pulp-admin login -u admin -p wrongpass

The specified user does not have permission to execute the given command

less .pulp/admin.log

2014-10-02 13:59:40,035 - ERROR - Client-side exception occurred
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/pulp/client/extensions/core.py", line 478, in run
exit_code = Cli.run(self, args)
File "/usr/lib/python2.7/site-packages/okaara/cli.py", line 974, in run
exit_code = command_or_section.execute(self.prompt, remaining_args)
File "/usr/lib/python2.7/site-packages/pulp/client/extensions/extensions.py", line 224, in execute
return self.method(*arg_list, **clean_kwargs)
File "/usr/lib/python2.7/site-packages/pulp/client/admin/admin_auth.py", line 58, in login
result = self.context.server.actions.login(username, password).response_body
File "/usr/lib/python2.7/site-packages/pulp/bindings/actions.py", line 32, in login
return self.server.POST (path)
File "/usr/lib/python2.7/site-packages/pulp/bindings/server.py", line 99, in POST
return self._request('POST', path, body=body, ensure_encoding=ensure_encoding)
File "/usr/lib/python2.7/site-packages/pulp/bindings/server.py", line 151, in _request
self._handle_exceptions(response_code, response_body)
File "/usr/lib/python2.7/site-packages/pulp/bindings/server.py", line 192, in _handle_exceptions
raise code_class_mappings[response_code](response_body)
PermissionsException: RequestException: POST request on /pulp/api/v2/actions/login/ failed with 401 - Authentication with username admin failed: invalid username or password

Expected results:
PermissionsException: RequestException: POST request on /pulp/api/v2/actions/login/ failed with 401 - Authentication with username admin failed: invalid username or password

+ This bug was cloned from Bugzilla Bug #1148915 +

History

#1 Updated by rbarlow over 6 years ago

Austin, this is "low hanging fruit", if you want an easy bz ☺

+ This comment was cloned from Bugzilla #1148915 comment 1 +

#3 Updated by cduryee over 6 years ago

fixed in pulp 2.6.0-0.2.beta

+ This comment was cloned from Bugzilla #1148915 comment 3 +

#4 Updated by igulina@redhat.com over 6 years ago

rpm -qa | grep pulp-server

pulp-server-2.6.0-0.2.beta.fc20.noarch

less ~/.pulp/admin.log

...

ApacheServerException
2014-12-23 23:01:49,418 - ERROR - RequestException: POST request on /pulp/api/v2/actions/login/ failed with 401 - Authentication with username admin failed: invalid username or password

+ This comment was cloned from Bugzilla #1148915 comment 4 +

#5 Updated by bmbouter over 6 years ago

  • Triaged changed from No to Yes

#6 Updated by rbarlow over 6 years ago

  • Status changed from 6 to CLOSED - CURRENTRELEASE

#8 Updated by bmbouter over 2 years ago

  • Severity set to 2. Medium

#9 Updated by bmbouter over 2 years ago

  • Tags Pulp 2 added

Please register to edit this issue

Also available in: Atom PDF