| Summary: | Login template should indicate when local auth is not enabled | ||
|---|---|---|---|
| Product: | [Community] PulpDist | Reporter: | Nick Coghlan <ncoghlan> |
| Component: | Web App | Assignee: | Nick Coghlan <ncoghlan> |
| Status: | CLOSED NEXTRELEASE | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | Keywords: | Reopened |
| Target Milestone: | 0.1.0 | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2012-02-06 04:34:20 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
|
Description
Nick Coghlan
2012-02-03 05:38:55 UTC
Turns out I completely misdiagnosed this misbehaviour. When deployed in a production configuration, PulpDist expects the *web server* to deal with user authentication and pass that information along. If the login template gets displayed, it's an indication that the web server has allowed an unauthenticated user to access a page that requires authentication (or there's a bug in the interaction between the web server and PulpDist). Either way, the login template should be clearly indicating this rather than offering a login page that isn't actually going to do anything. In the next release, the login page replaces the form with a notice if local auth is not supported. Reopening - Django admin section appears to be using the wrong login template Changed the login template to accept the additional info it needs as attributes on the login form instead of as context variables. This allows that info to be passed to both the normal and admin login view as class attributes on an AuthenticationForm subclass. |