Bug 430004 - Authentication error page should be configurable
Summary: Authentication error page should be configurable
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: freeIPA
Classification: Retired
Component: ipa-server
Version: 1.0
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Rob Crittenden
QA Contact: Chandrasekar Kannan
URL:
Whiteboard:
Depends On:
Blocks: freeipa10 429034
TreeView+ depends on / blocked
 
Reported: 2008-01-24 06:38 UTC by Chandrasekar Kannan
Modified: 2012-03-27 07:19 UTC (History)
5 users (show)

Fixed In Version: freeipa-2.0.0-1.fc15
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)
Put user-modifiable files into /etc/ipa (4.80 KB, patch)
2008-01-29 21:06 UTC, Rob Crittenden
no flags Details | Diff

Description Chandrasekar Kannan 2008-01-24 06:38:13 UTC
Ticket #72 (reopened defect)

Opened 3 months ago

Last modified 2 months ago
Authentication error page should be configurable
Reported by: 	kmacmill 	Assigned to: 	rcritten
Priority: 	major 	Milestone: 	release-1
Component: 	ipa-server 	Version: 	
Keywords: 		Cc: 	kmacmill
Description ¶

Or at least not refer to internal RH sites.

If you attempt to access the site without having a valid Kerberos ticket, a page comes up talking about an idm wiki, calling the helpdesk, etc (forget the exact wording, I'm not at home where I've got a browser that can access my FreeIPA server). This is obviously a stale message, but where does it come from? It should be configurable to allow the admin to put something to the effect of 'You've tried to access Company XYZ's FreeIPA server, however, you do not have a Kerberos ticket. Obtain one via kinit, or if you are having difficulties, contact the helpdesk at xxx-xxx-xxxx"
Change History
2007-11-14 08:36:33 changed by kmacmill ¶

    * owner changed from kmacmill to rcritten.

Move this to release-1 if you want.
2007-11-14 12:04:08 changed by rcritten ¶

    * status changed from new to assigned.

This page is installed into /usr/share/ipa/html/unauthorized.html

Removed reference to idm wiki.

patch submitted
2007-11-15 09:11:24 changed by rcritten ¶

    * status changed from assigned to closed.
    * resolution set to fixed.

Committed in changeset 400
2007-11-15 09:28:51 changed by kmacmill ¶

    * cc set to kmacmill.
    * status changed from closed to reopened.
    * resolution deleted.
    * milestone changed from milestone-5 to release-1.

Reopening - need to mark this as a config file and possibly move to /etc:

            It is installed into /usr/share/ipa/html so can be customized as desired by end-users.

        If we expect editing we should move this to /etc/ipa and mark it as config in the rpm, right?

    If we move the file we'd need to change the httpd ipa.conf as well. I think we can still mark it as config in the rpm and leave it where it is.

Comment 1 Rob Crittenden 2008-01-29 21:06:24 UTC
Created attachment 293342 [details]
Put user-modifiable files into /etc/ipa

Comment 2 Rob Crittenden 2008-01-30 14:55:59 UTC
Committed a slightly modified version as changeset 609.

Per Simo's review I put the files into /etc/ipa/html instead. He isn't too keen
on storing html files in /etc.

Comment 3 Rob Crittenden 2008-01-30 14:56:35 UTC
To test this you'll need to do a 'make dist' or 'make local-dist' in the freeipa
source tree and verify in the generated ipa-server RPM that the files are
located properly.


Note You need to log in before you can comment on or make changes to this bug.