Uploaded image for project: 'Couchbase Server'
  1. Couchbase Server
  2. MB-22768

/checkPermissions - not returning 401 for non-existent user in cb server

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 5.0.0
    • Fix Version/s: 5.0.0
    • Component/s: ns_server
    • Labels:
    • Environment:
      Enterprise Edition 5.0.0-1854

      Description

      1. Create a user in LDAP and enable authentication in CB.
      2. Assign a role to the user in CB
      3. Remove the user from all roles in CB and execute the following:
        curl -X POST --data ‘cluster.pools!read,cluster.nodes!read’ http://dave:password@10.142.150.101:8091/pools/default/checkPermissions

       

      Expected Result - Since the user is not part of CB anymore and the user credentials are passed in curl, it should return a 401.

        Attachments

        For Gerrit Dashboard: MB-22768
        # Subject Branch Project Status CR V

          Activity

          Hide
          build-team Couchbase Build Team added a comment -

          Build 5.0.0-2119 contains ns_server commit 8b45615d479a0f7be8ee89104ed6fa12c4d7d04b with commit message:
          MB-22768 do not allow LDAP authenticated user to access
          https://github.com/couchbase/ns_server/commit/8b45615d479a0f7be8ee89104ed6fa12c4d7d04b

          Show
          build-team Couchbase Build Team added a comment - Build 5.0.0-2119 contains ns_server commit 8b45615d479a0f7be8ee89104ed6fa12c4d7d04b with commit message: MB-22768 do not allow LDAP authenticated user to access https://github.com/couchbase/ns_server/commit/8b45615d479a0f7be8ee89104ed6fa12c4d7d04b

            People

            • Assignee:
              artem Artem Stemkovski
              Reporter:
              ritam.sharma Ritam Sharma
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Gerrit Reviews

                There are no open Gerrit changes

                  PagerDuty

                  Error rendering 'com.pagerduty.jira-server-plugin:PagerDuty'. Please contact your Jira administrators.