Actions
Issue #962
closedbasic auth for repo sync does not work
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
Master
Platform Release:
2.7.0
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
Sprint:
Quarter:
Description
When creating repos with pulp-admin, the password sanitization appears to be incorrectly replacing the basic auth password with the string '*****' when passing the value down to nectar. This should only occur when returning the password via API.
To repro:
- create an upstream repository that is protected by basic auth
- pulp-admin rpm repo create --repo-id basicauth --feed <path-to-upstream-repo> --basicauth-user user --basicauth-pass pass
- attempt to sync repo
expected result: repo will sync
actual result: repo will not sync, importer will get a 403
note: commenting out password sanitization works around this issue. The password sanitizer needs to move closer to where Pulp creates and returns json in order to avoid this.
Actions
Move password masking & serialization of the importer out of the controller and into the views
fixes #962