Bug 1148915 - Traceback is shown in admin.log if pulp-admin experiences an authentication failure
Summary: Traceback is shown in admin.log if pulp-admin experiences an authentication f...
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Pulp
Classification: Retired
Component: z_other
Version: 2.5
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: 2.6.0
Assignee: amacdona@redhat.com
QA Contact: Irina Gulina
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-10-02 16:05 UTC by Irina Gulina
Modified: 2015-02-28 22:37 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-02-28 22:37:26 UTC


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Pulp Redmine 558 0 None None None Never

Description Irina Gulina 2014-10-02 16:05:56 UTC
Description of problem:
If pulp-admin is used without proper authentication, a traceback is logged on the .pulp/admin.log. Logging a failed authentication is perfectly reasonable, but logging a traceback is not. Remove the traceback and instead log a simple message about the failed authentication attempt, including the username attempted.

Version-Release number of selected component (if applicable):
>> rpm -qa | grep pulp-server
pulp-server-2.5.0-0.6.beta.fc20.noarch

How reproducible:
always

Steps to Reproduce:
>> pulp-admin login -u admin -p wrongpass
The specified user does not have permission to execute the given command
 
>> less .pulp/admin.log
 
2014-10-02 13:59:40,035 - ERROR - Client-side exception occurred
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/pulp/client/extensions/core.py", line 478, in run
    exit_code = Cli.run(self, args)
  File "/usr/lib/python2.7/site-packages/okaara/cli.py", line 974, in run
    exit_code = command_or_section.execute(self.prompt, remaining_args)
  File "/usr/lib/python2.7/site-packages/pulp/client/extensions/extensions.py", line 224, in execute
    return self.method(*arg_list, **clean_kwargs)
  File "/usr/lib/python2.7/site-packages/pulp/client/admin/admin_auth.py", line 58, in login
    result = self.context.server.actions.login(username, password).response_body
  File "/usr/lib/python2.7/site-packages/pulp/bindings/actions.py", line 32, in login
    return self.server.POST(path)
  File "/usr/lib/python2.7/site-packages/pulp/bindings/server.py", line 99, in POST
    return self._request('POST', path, body=body, ensure_encoding=ensure_encoding)
  File "/usr/lib/python2.7/site-packages/pulp/bindings/server.py", line 151, in _request
    self._handle_exceptions(response_code, response_body)
  File "/usr/lib/python2.7/site-packages/pulp/bindings/server.py", line 192, in _handle_exceptions
    raise code_class_mappings[response_code](response_body)
PermissionsException: RequestException: POST request on /pulp/api/v2/actions/login/ failed with 401 - Authentication with username admin failed: invalid username or password


Expected results:
PermissionsException: RequestException: POST request on /pulp/api/v2/actions/login/ failed with 401 - Authentication with username admin failed: invalid username or password

Comment 1 Randy Barlow 2014-10-02 18:13:45 UTC
Austin, this is "low hanging fruit", if you want an easy bz ☺

Comment 2 amacdona@redhat.com 2014-10-06 18:52:51 UTC
https://github.com/pulp/pulp/pull/1190

Comment 3 Chris Duryee 2014-12-23 20:53:07 UTC
fixed in pulp 2.6.0-0.2.beta

Comment 4 Irina Gulina 2014-12-23 23:03:06 UTC
>> rpm -qa | grep pulp-server
pulp-server-2.6.0-0.2.beta.fc20.noarch

>> less ~/.pulp/admin.log

...

ApacheServerException
2014-12-23 23:01:49,418 - ERROR - RequestException: POST request on /pulp/api/v2/actions/login/ failed with 401 - Authentication with username admin failed: invalid username or password

Comment 5 Brian Bouterse 2015-02-28 22:37:26 UTC
Moved to https://pulp.plan.io/issues/558


Note You need to log in before you can comment on or make changes to this bug.