Issue #699
closed
Make "password" not required in pulp-admin for user creation.
Description
Description of problem:
in API 'password' should be a required key during user creation as in CLI:
pulp-admin -u admin -p admin auth user create --login test-user
Enter password for user [test-user] :
Re-enter password for user [test-user]:
Password cannot be empty
Enter password for user [test-user] :
If user will be created with API where 'password' can be skipped then it will be impossible to login with that user:
$ curl -i -H "Accept: application/json" -H "WebFrameworkSwitch: django" -X POST -k -u admin:admin -d '{"login":"test-user1"}' 'https://localhost/pulp/api/v2/users/'
HTTP/1.1 201 CREATED
Date: Mon, 16 Feb 2015 10:36:24 GMT
Server: Apache/2.4.10 (Fedora) OpenSSL/1.0.1e-fips mod_wsgi/3.5 Python/2.7.5
Content-Length: 196
Location: https://localhost/pulp/api/v2/users/test-user1/
Content-Type: application/json
{"_id": {"$oid": "54e1c82845ef485a4c9595f7"}, "name": "test-user1", "roles": [], "_ns": "users", "login": "test-user1", "id": "54e1c82845ef485a4c9595f7", "_href": "/pulp/api/v2/users/test-user1/"}[
$ pulp-admin -u test-user1 repo list
Warning: path should have mode 0700 because it may contain sensitive information: /home/ipanova/.pulp/
Enter password:
--------------------------------------------------------------------
Repositories
--------------------------------------------------------------------
Session Expired
The session certificate expired on Jan 23 08:13:41 2015 GMT.
Version-Release number of selected component (if applicable):
How reproducible:
Steps to Reproduce:
1.
2.
3.
Actual results:
Expected results:
Additional info:
+ This bug was cloned from Bugzilla Bug #1192955 +
Updated by ipanova@redhat.com about 9 years ago
also, docs should be updated http://pulp.readthedocs.org/en/latest/dev-guide/integration/rest-api/user/cud.html#create-a-user
+ This comment was cloned from Bugzilla #1192955 comment 1 +
Updated by rbarlow about 9 years ago
Since we do support other forms of authentication that do not involve the password, I believe we should not require the password to be specified. Pulp respects the REMOTE_USER environment variable if set by httpd, so any httpd authentication module can be used. We have an open pull request to add Kerberos support, for example.
+ This comment was cloned from Bugzilla #1192955 comment 2 +
Updated by mhrivnak about 9 years ago
I agree with Randy's assessment.
+ This comment was cloned from Bugzilla #1192955 comment 3 +
Updated by amacdona@redhat.com about 9 years ago
Here is a related bug:
Updated by bmbouter about 5 years ago
- Status changed from NEW to CLOSED - WONTFIX
Updated by bmbouter about 5 years ago
Pulp 2 is approaching maintenance mode, and this Pulp 2 ticket is not being actively worked on. As such, it is being closed as WONTFIX. Pulp 2 is still accepting contributions though, so if you want to contribute a fix for this ticket, please reopen or comment on it. If you don't have permissions to reopen this ticket, or you want to discuss an issue, please reach out via the developer mailing list.
Updated by bmbouter almost 4 years ago
- Category deleted (
14)
We are removing the 'API' category per open floor discussion June 16, 2020.
.