Bug 430004 - Authentication error page should be configurable
Authentication error page should be configurable
Status: CLOSED ERRATA
Product: freeIPA
Classification: Community
Component: ipa-server (Show other bugs)
1.0
All Linux
high Severity high
: ---
: ---
Assigned To: Rob Crittenden
Chandrasekar Kannan
:
Depends On:
Blocks: freeipa10 429034
  Show dependency treegraph
 
Reported: 2008-01-24 01:38 EST by Chandrasekar Kannan
Modified: 2012-03-27 03:19 EDT (History)
5 users (show)

See Also:
Fixed In Version: freeipa-2.0.0-1.fc15
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Put user-modifiable files into /etc/ipa (4.80 KB, patch)
2008-01-29 16:06 EST, Rob Crittenden
no flags Details | Diff

  None (edit)
Description Chandrasekar Kannan 2008-01-24 01:38:13 EST
Ticket #72 (reopened defect)

Opened 3 months ago

Last modified 2 months ago
Authentication error page should be configurable
Reported by: 	kmacmill 	Assigned to: 	rcritten
Priority: 	major 	Milestone: 	release-1
Component: 	ipa-server 	Version: 	
Keywords: 		Cc: 	kmacmill
Description ¶

Or at least not refer to internal RH sites.

If you attempt to access the site without having a valid Kerberos ticket, a page comes up talking about an idm wiki, calling the helpdesk, etc (forget the exact wording, I'm not at home where I've got a browser that can access my FreeIPA server). This is obviously a stale message, but where does it come from? It should be configurable to allow the admin to put something to the effect of 'You've tried to access Company XYZ's FreeIPA server, however, you do not have a Kerberos ticket. Obtain one via kinit, or if you are having difficulties, contact the helpdesk at xxx-xxx-xxxx"
Change History
2007-11-14 08:36:33 changed by kmacmill ¶

    * owner changed from kmacmill to rcritten.

Move this to release-1 if you want.
2007-11-14 12:04:08 changed by rcritten ¶

    * status changed from new to assigned.

This page is installed into /usr/share/ipa/html/unauthorized.html

Removed reference to idm wiki.

patch submitted
2007-11-15 09:11:24 changed by rcritten ¶

    * status changed from assigned to closed.
    * resolution set to fixed.

Committed in changeset 400
2007-11-15 09:28:51 changed by kmacmill ¶

    * cc set to kmacmill.
    * status changed from closed to reopened.
    * resolution deleted.
    * milestone changed from milestone-5 to release-1.

Reopening - need to mark this as a config file and possibly move to /etc:

            It is installed into /usr/share/ipa/html so can be customized as desired by end-users.

        If we expect editing we should move this to /etc/ipa and mark it as config in the rpm, right?

    If we move the file we'd need to change the httpd ipa.conf as well. I think we can still mark it as config in the rpm and leave it where it is.
Comment 1 Rob Crittenden 2008-01-29 16:06:24 EST
Created attachment 293342 [details]
Put user-modifiable files into /etc/ipa
Comment 2 Rob Crittenden 2008-01-30 09:55:59 EST
Committed a slightly modified version as changeset 609.

Per Simo's review I put the files into /etc/ipa/html instead. He isn't too keen
on storing html files in /etc.
Comment 3 Rob Crittenden 2008-01-30 09:56:35 EST
To test this you'll need to do a 'make dist' or 'make local-dist' in the freeipa
source tree and verify in the generated ipa-server RPM that the files are
located properly.

Note You need to log in before you can comment on or make changes to this bug.