Project

Profile

Help

« Previous | Next » 

Revision f5550cef

Added by bmbouter 11 months ago

REMOTE_USER auth shouldn't trigger csrf rejects

Move all authentication fully to DRF. We were incorrectly configuring webserver auth support in django and not DRF. This ports the setting REMOTE_USER_ENVIRON_NAME to work with DRF instead of Django.

It adjusts the settings.py so there are removal claims even though this will likely go into a z-release. It's an important FYI for the user.

https://pulp.plan.io/issues/5955 closes #5955

(cherry picked from commit 1ae65bde73d649ac778357608a5ea84d48fd2096)