Bug 817946 - API not accessible from browser
API not accessible from browser
Status: CLOSED ERRATA
Product: Subscription Asset Manager
Classification: Red Hat
Component: katello (Show other bugs)
1.0.0
Unspecified Unspecified
unspecified Severity medium
: rc
: ---
Assigned To: Adam Price
Og Maciel
: Triaged
Depends On:
Blocks: sam12-tracker
  Show dependency treegraph
 
Reported: 2012-05-01 16:54 EDT by Jim Minter
Modified: 2013-02-21 14:15 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-02-21 14:15:46 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jim Minter 2012-05-01 16:54:53 EDT
Description of problem:

At least using firefox and chrome, I can't access API URLs which require authentication, I think because the katello web server doesn't send an www-authenticate header, and therefore the browser doesn't prompt for or send credentials.

Version-Release number of selected component (if applicable):

Don't know which component to report version of, but I just installed it today (1-may-2012)

How reproducible:

Always

Steps to Reproduce:

Try the following URLs:

https://hostname/headpin/api works
https://hostname/headpin/api/systems fails ("Invalid credentials")
https://admin:admin@hostname/headpin/api/systems fails ("Invalid credentials"), at least in chrome and firefox
$ curl -k -u admin:admin https://hostname/headpin/api/systems works
  
Actual results:

See above

Expected results:

All expected to work

Additional info:
Comment 2 RHEL Product and Program Management 2012-05-01 17:14:19 EDT
Thank you for your bug report. This issue was evaluated for inclusion
in the current release of Subscription Asset Manager (SAM). Unfortunately,
we are unable to address this request. Because we are in the final stages
of development in the current release, only significant, release-blocking
issues involving serious regressions and data corruption can be considered.

If you believe this issue meets the release blocking criteria as defined and
communicated to you by your Red Hat Support representative, please ask
your representative to file this issue as a blocker for the current release.
Otherwise, ask that it be evaluated for inclusion in the next release of SAM.
Comment 3 RHEL Product and Program Management 2012-05-01 17:34:20 EDT
Thank you for your bug report. This issue was evaluated for inclusion
in the current release of Subscription Asset Manager (SAM). Unfortunately,
we are unable to address this request. Because we are in the final stages
of development in the current release, only significant, release-blocking
issues involving serious regressions and data corruption can be considered.

If you believe this issue meets the release blocking criteria as defined and
communicated to you by your Red Hat Support representative, please ask
your representative to file this issue as a blocker for the current release.
Otherwise, ask that it be evaluated for inclusion in the next release of SAM.
Comment 4 Adam Price 2012-10-24 09:59:50 EDT
related to bug https://bugzilla.redhat.com/show_bug.cgi?id=804661
Comment 5 Lukas Zapletal 2012-10-25 04:15:48 EDT
https://github.com/Katello/katello/pull/911
Comment 7 Og Maciel 2012-11-03 11:14:54 EDT
Verified:

* candlepin-0.7.18-1.el6_3.noarch
* candlepin-tomcat6-0.7.18-1.el6_3.noarch
* katello-candlepin-cert-key-pair-1.0-1.noarch
* katello-certs-tools-1.2.1-1h.el6_3.noarch
* katello-cli-1.2.2-1h.el6_3.noarch
* katello-cli-common-1.2.2-1h.el6_3.noarch
* katello-common-1.2.2-1h.el6_3.noarch
* katello-configure-1.2.1-1h.el6_3.noarch
* katello-glue-candlepin-1.2.2-1h.el6_3.noarch
* katello-headpin-1.2.2-1h.el6_3.noarch
* katello-headpin-all-1.2.2-1h.el6_3.noarch
* katello-selinux-1.2.1-1h.el6_3.noarch
* thumbslug-0.0.24-1.el6_2.noarch
* thumbslug-selinux-0.0.24-1.el6_2.noarch
Comment 9 Og Maciel 2012-11-12 12:29:40 EST
As per comment #7, this has been verified.
Comment 11 errata-xmlrpc 2013-02-21 14:15:46 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0544.html

Note You need to log in before you can comment on or make changes to this bug.