Return-Path: X-Original-To: apmail-deltacloud-commits-archive@www.apache.org Delivered-To: apmail-deltacloud-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 09A86981B for ; Tue, 6 Mar 2012 12:55:53 +0000 (UTC) Received: (qmail 72570 invoked by uid 500); 6 Mar 2012 12:55:53 -0000 Delivered-To: apmail-deltacloud-commits-archive@deltacloud.apache.org Received: (qmail 72545 invoked by uid 500); 6 Mar 2012 12:55:52 -0000 Mailing-List: contact commits-help@deltacloud.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@deltacloud.apache.org Delivered-To: mailing list commits@deltacloud.apache.org Received: (qmail 72532 invoked by uid 99); 6 Mar 2012 12:55:52 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 06 Mar 2012 12:55:52 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.114] (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 06 Mar 2012 12:55:49 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id C1C2F5AF7; Tue, 6 Mar 2012 12:55:27 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: mfojtik@apache.org To: commits@deltacloud.apache.org X-Mailer: ASF-Git Admin Mailer Subject: git commit: Core: Fixed missing halt in authentication chain Message-Id: <20120306125527.C1C2F5AF7@tyr.zones.apache.org> Date: Tue, 6 Mar 2012 12:55:27 +0000 (UTC) X-Virus-Checked: Checked by ClamAV on apache.org Updated Branches: refs/heads/master 7ee08d5a7 -> 132d40fa2 Core: Fixed missing halt in authentication chain Since the 'halt' method was previosly removed from LazyAuth module, client saw the 401 exception and then was asked for credentials. With this patch, client is asked for credentials and if entered credentials are wrong, client will get proper exception and output. Project: http://git-wip-us.apache.org/repos/asf/deltacloud/repo Commit: http://git-wip-us.apache.org/repos/asf/deltacloud/commit/132d40fa Tree: http://git-wip-us.apache.org/repos/asf/deltacloud/tree/132d40fa Diff: http://git-wip-us.apache.org/repos/asf/deltacloud/diff/132d40fa Branch: refs/heads/master Commit: 132d40fa24a3a24c2ee4e5275bea25ae83f2ccc9 Parents: 7ee08d5 Author: Michal Fojtik Authored: Tue Mar 6 13:54:41 2012 +0100 Committer: Michal fojtik Committed: Tue Mar 6 13:54:41 2012 +0100 ---------------------------------------------------------------------- server/lib/sinatra/lazy_auth.rb | 6 ++---- server/views/errors/401.html.haml | 15 ++++++++------- 2 files changed, 10 insertions(+), 11 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/deltacloud/blob/132d40fa/server/lib/sinatra/lazy_auth.rb ---------------------------------------------------------------------- diff --git a/server/lib/sinatra/lazy_auth.rb b/server/lib/sinatra/lazy_auth.rb index 9556bbc..fb94dd9 100644 --- a/server/lib/sinatra/lazy_auth.rb +++ b/server/lib/sinatra/lazy_auth.rb @@ -49,9 +49,7 @@ module Sinatra end unless provided? auth = Rack::Auth::Basic::Request.new(@app.request.env) - unless auth.provided? && auth.basic? && auth.credentials - @app.authorize! - end + @app.authorize! unless auth.provided? && auth.basic? && auth.credentials @user = auth.credentials[0] @password = auth.credentials[1] @provided = true @@ -63,7 +61,7 @@ module Sinatra def authorize! r = "#{driver_symbol}-deltacloud@#{HOSTNAME}" response['WWW-Authenticate'] = %(Basic realm="#{r}") - report_error(401) + throw(:halt, [401, report_error(401)]) end # Request the current user's credentials. Actual credentials are only http://git-wip-us.apache.org/repos/asf/deltacloud/blob/132d40fa/server/views/errors/401.html.haml ---------------------------------------------------------------------- diff --git a/server/views/errors/401.html.haml b/server/views/errors/401.html.haml index 1a135f9..6f7debb 100644 --- a/server/views/errors/401.html.haml +++ b/server/views/errors/401.html.haml @@ -2,7 +2,7 @@ %ul{ :'data-role' => :listview , :'data-inset' => :true, :'data-divider-theme' => 'e'} %li{ :'data-role' => 'list-divider'} Server message %li - %h3=[@error.class.name, @error.message].join(' - ') + %h3 Authentication Failure %li{ :'data-role' => 'list-divider'} Original request URI %li %a{ :href => request.env['REQUEST_URI'], :'data-ajax' => 'false'} @@ -15,11 +15,12 @@ - else %em No details - %div{ 'data-role' => :collapsible, 'data-collapsed' => "true"} - %h3 Backtrace - %ul{ :'data-role' => :listview , :'data-inset' => :true, :'data-divider-theme' => 'e'} - %li - %pre=@error.backtrace.join("\n") + - if @error.class.method_defined? :backtrace + %div{ 'data-role' => :collapsible, 'data-collapsed' => "true"} + %h3 Backtrace + %ul{ :'data-role' => :listview , :'data-inset' => :true, :'data-divider-theme' => 'e'} + %li + %pre=@error.backtrace.join("\n") %div{ 'data-role' => :collapsible, 'data-collapsed' => "true"} %h3 Parameters @@ -38,4 +39,4 @@ - request.env.each do |key, value| %li{ :'data-role' => 'list-divider'}=key %li - %span{:style => 'font-weight:normal;'}=value.inspect + %span{:style => 'font-weight:normal;'}=value.to_s