[icinga-checkins] icinga.org: icinga-web/master: * Server sends now 403 (Forbidden) instead of 401 (Authorisation required) if not logged in (#fixes w#740)

git at icinga.org git at icinga.org
Thu Sep 9 12:16:31 CEST 2010


Module: icinga-web
Branch: master
Commit: 535a34c26b22781da68df46e4cd527594821a28a
URL:    https://git.icinga.org/?p=icinga-web.git;a=commit;h=535a34c26b22781da68df46e4cd527594821a28a

Author: jmosshammer <jmosshammer at ws-jmosshammer.(none)>
Date:   Thu Sep  9 11:21:39 2010 +0200

* Server sends now 403 (Forbidden) instead of 401 (Authorisation required) if not logged in (#fixes w#740)

---

 app/config/routing.xml                             |    1 +
 app/modules/AppKit/cache/Login/LoginCheck.xml      |    7 +++++++
 app/modules/AppKit/config/auth.xml                 |    2 +-
 app/modules/AppKit/lib/js/AppKitUtil.js            |    2 +-
 .../HTTPBasicAuthenticationModel.class.php         |    1 +
 .../AppKit/templates/Login/AjaxLoginSuccess.php    |    2 +-
 app/modules/AppKit/validate/Login/AjaxLogin.xml    |    4 ++--
 .../views/Login/AjaxLoginSuccessView.class.php     |    4 ++--
 .../views/Login/SilentAuthSuccessView.class.php    |    6 +++++-
 9 files changed, 21 insertions(+), 8 deletions(-)

diff --git a/app/config/routing.xml b/app/config/routing.xml
index 2496428..84741a0 100755
--- a/app/config/routing.xml
+++ b/app/config/routing.xml
@@ -13,6 +13,7 @@
 
 				<route name=".login" pattern="^/login" action="%actions.login_action%">
 					<route name=".provider" pattern="^/json" module="%actions.default_module%" action="Login.AjaxLogin" output_type="json"/>
+					<route name=".check" pattern="^/check" module="%actions.default_module%" action="Login.LoginCheck" output_type="simple"/>
 				</route>
 
 				<route name=".logout" pattern="^/logout" action="Logout"/>
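Review bot: The new `.check` route points at `Login.LoginCheck`, but the only files this commit adds for that action are a cache config and an empty `LoginCheckSuccess.php` template; no action or view class for it appears in the diff. If those classes are not already in the tree, requests to `/login/check` will fail at dispatch instead of reporting the login state. A short comment above the route would also help, for example `<!-- session probe used by the client to test whether the user is still logged in -->`, assuming that is its purpose.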
diff --git a/app/modules/AppKit/cache/Login/LoginCheck.xml b/app/modules/AppKit/cache/Login/LoginCheck.xml
new file mode 100644
index 0000000..d92d0b0
--- /dev/null
+++ b/app/modules/AppKit/cache/Login/LoginCheck.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ae:configurations xmlns:ae="http://agavi.org/agavi/config/global/envelope/1.0" xmlns="http://agavi.org/agavi/config/parts/caching/1.0">
+	<ae:configuration>
+		<caching enabled="false">
+		</caching>
+	</ae:configuration>
+</ae:configurations>
diff --git a/app/modules/AppKit/config/auth.xml b/app/modules/AppKit/config/auth.xml
index b762e07..396f660 100755
--- a/app/modules/AppKit/config/auth.xml
+++ b/app/modules/AppKit/config/auth.xml
@@ -184,7 +184,7 @@
 				* Allow authenticate requests, set auth_authoritative true
 			-->
 			
-			<ae:parameter name="auth_enable">false</ae:parameter>
+			<ae:parameter name="auth_enable">true</ae:parameter>
 			<ae:parameter name="auth_authoritative">true</ae:parameter>
 
 			<!--
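Review bot: Flipping `auth_enable` to `true` changes which authentication provider is active by default, and the commit message, which is about the 401 to 403 switch, does not mention it. The provider section this parameter belongs to starts above the hunk, so which provider it is cannot be confirmed from here; with `auth_authoritative` also `true` on the next line, its decision presumably stands on its own. If this is meant to be the shipped default, say so next to the parameter, e.g. `<!-- enabled by default since this change; set to false if this provider is not in use -->`, and mention it in the changelog so that upgrades do not silently gain a login path.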
diff --git a/app/modules/AppKit/lib/js/AppKitUtil.js b/app/modules/AppKit/lib/js/AppKitUtil.js
index 2fe38f4..b72a2a2 100755
--- a/app/modules/AppKit/lib/js/AppKitUtil.js
+++ b/app/modules/AppKit/lib/js/AppKitUtil.js
@@ -84,7 +84,7 @@ AppKit.util = (function() {
 			var t={};
 			Ext.Ajax.on('requestexception', function(conn, response, options) {
 				if (!options.url.match(/\/login/)) {
-					if (response.status == '401') {
+					if (response.status == '403') {
 						if (Ext.isEmpty(this.wflag)) {
 							this.wflag=true;
 
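Review bot: The handler now treats every `403` on a non-login URL as "session lost", so a response that merely denies an authenticated user access to one resource would take the same path, if the server uses 403 for that as well (not visible in this diff). The rest of the callback lies below the hunk and may already confirm the session state; if it does not, the `/login/check` route added in this commit looks like the place to confirm it before prompting for a new login. At minimum, record the coupling with a comment such as `// 403 = not authenticated, as sent by the AppKit login views`.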
diff --git a/app/modules/AppKit/models/Auth/Provider/HTTPBasicAuthenticationModel.class.php b/app/modules/AppKit/models/Auth/Provider/HTTPBasicAuthenticationModel.class.php
index 3299902..09b66a4 100644
--- a/app/modules/AppKit/models/Auth/Provider/HTTPBasicAuthenticationModel.class.php
+++ b/app/modules/AppKit/models/Auth/Provider/HTTPBasicAuthenticationModel.class.php
@@ -28,6 +28,7 @@ class AppKit_Auth_Provider_HTTPBasicAuthenticationModel extends AppKitAuthProvid
 
 	public function doAuthenticate(NsmUser $user, $password) {
 		$tuser = $this->loadUserByDQL($user->user_name);
+
 		if ($tuser && $tuser instanceof NsmUser && $user->user_name == $this->getAuthName()) {
 			return true;
 		}
diff --git a/app/modules/AppKit/templates/Login/AjaxLoginSuccess.php b/app/modules/AppKit/templates/Login/AjaxLoginSuccess.php
index 621983c..f5a7ead 100755
--- a/app/modules/AppKit/templates/Login/AjaxLoginSuccess.php
+++ b/app/modules/AppKit/templates/Login/AjaxLoginSuccess.php
@@ -42,7 +42,7 @@ Ext.onReady(function() {
 				inputType: 'password',
 				name: 'password',
 				id: 'password',
-				allowBlank: false
+				allowBlank: true
 			}],
 			
 			listeners: {
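Review bot: The password field stops being mandatory here, and the two AjaxLogin.xml validator hunks relax the server side in the same way (`required="false"`, `min` 0), so an empty password now passes validation for every login and the providers become the only check. The `doAuthenticate` shown in HTTPBasicAuthenticationModel never reads `$password`, which is presumably the case this is meant for; the other providers are not part of this diff and would each have to reject an empty password themselves. Confirm that they do, and document the assumption in the validator, e.g. `<!-- password may be empty only for externally authenticated logins; every provider must reject an empty password itself -->`.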
diff --git a/app/modules/AppKit/templates/Login/LoginCheckSuccess.php b/app/modules/AppKit/templates/Login/LoginCheckSuccess.php
new file mode 100644
index 0000000..e69de29
diff --git a/app/modules/AppKit/validate/Login/AjaxLogin.xml b/app/modules/AppKit/validate/Login/AjaxLogin.xml
index 9d5f195..862df41 100755
--- a/app/modules/AppKit/validate/Login/AjaxLogin.xml
+++ b/app/modules/AppKit/validate/Login/AjaxLogin.xml
@@ -22,7 +22,7 @@
 					</ae:parameters>
 			</validator>
 			
-			<validator class="string" name="password_length" required="true">
+			<validator class="string" name="password_length" required="false">
 					<arguments>
 						<argument>password</argument>
 					</arguments>
@@ -32,7 +32,7 @@
 					</errors>
 					<ae:parameters>
 						<ae:parameter name="max">80</ae:parameter>
-						<ae:parameter name="min">3</ae:parameter>
+						<ae:parameter name="min">0</ae:parameter>
 					</ae:parameters>
 			</validator>
 			
diff --git a/app/modules/AppKit/views/Login/AjaxLoginSuccessView.class.php b/app/modules/AppKit/views/Login/AjaxLoginSuccessView.class.php
index 8b4b80a..ead9820 100755
--- a/app/modules/AppKit/views/Login/AjaxLoginSuccessView.class.php
+++ b/app/modules/AppKit/views/Login/AjaxLoginSuccessView.class.php
@@ -7,7 +7,7 @@ class AppKit_Login_AjaxLoginSuccessView extends AppKitBaseView
 		$this->setupHtml($rd);
 		
 		if ($this->getContext()->getUser()->isAuthenticated() !== true) {
-			$this->getResponse()->setHttpStatusCode('401');
+			$this->getResponse()->setHttpStatusCode('403');
 		}
 
 		$this->setAttribute('message', false);
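Review bot: The literal `'403'` set here, and again in the second hunk of this file (the `Login failed!` branch), has to stay in step with the `response.status == '403'` check in AppKitUtil.js, and nothing in the code records that or why 401 was dropped. A comment at both sites, e.g. `// 403 rather than 401: the client-side handler in AppKitUtil.js keys on this status`, would keep the two from drifting apart. Failed logins will also show up as 403 in the web server's access log from now on, so any alerting or lockout tooling that counts 401 responses on the login URL needs its filter updated. The enclosing method starts above the hunk.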
@@ -45,7 +45,7 @@ class AppKit_Login_AjaxLoginSuccessView extends AppKitBaseView
 		}
 		else {
 			$errors['username'] = 'Login failed!';
-			$this->getResponse()->setHttpStatusCode('401');
+			$this->getResponse()->setHttpStatusCode('403');
 		}
 		
 		return json_encode(array(
diff --git a/app/modules/AppKit/views/Login/SilentAuthSuccessView.class.php b/app/modules/AppKit/views/Login/SilentAuthSuccessView.class.php
index 00d6cf7..45dbff3 100644
--- a/app/modules/AppKit/views/Login/SilentAuthSuccessView.class.php
+++ b/app/modules/AppKit/views/Login/SilentAuthSuccessView.class.php
@@ -1,8 +1,12 @@
 <?php
 
 class AppKit_Login_SilentAuthSuccessView extends AppKitBaseView {
+		public function executeJson(AgaviRequestDataHolder $rd) {
+			return $this->executeHtml($rd);
+			
+		}
 
-	public function executeHtml(AgaviRequestDataHolder $rd) {
+		public function executeHtml(AgaviRequestDataHolder $rd) {
 
 		if ($this->getAttribute('authenticated', false) == true) {
 
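Review bot: `executeJson` hands JSON requests to `executeHtml` unchanged, so the JSON output type gets whatever the HTML path produces; that body continues below the hunk, and if it selects a template or returns markup, a JSON client receives something it cannot parse. A one-line docblock stating the intent, e.g. `/** JSON requests reuse the HTML handling; no JSON body is produced. */`, would settle it if that is the case. The new method also carries a whitespace-only line before its closing brace, and the re-indented `executeHtml` signature now sits at the same depth as its own body.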




