fix(ldap): add missing www-authenticate headers #11820
Merged
+142
−38
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This was referenced Oct 23, 2023
nowNick
force-pushed
the
feat/implement-missing-www-authenticate-headers-ldap
branch
from
6b5f7fb
to
fd80cff
Compare
github-actions
bot
added
the
cherry-pick kong-ee
nowNick
force-pushed
the
feat/implement-missing-www-authenticate-headers-ldap
branch
from
fd80cff
to
f5d4335
Compare
nowNick
force-pushed
the
feat/implement-missing-www-authenticate-headers-ldap
branch
from
f5d4335
to
a8c28ff
Compare
nowNick
force-pushed
the
feat/implement-missing-www-authenticate-headers-ldap
branch
2 times, most recently
from
2cba1f0
to
89c912e
Compare
hanshuebner
suggested changes
May 13, 2024
hanshuebner
approved these changes
May 14, 2024
nowNick
force-pushed
the
feat/implement-missing-www-authenticate-headers-ldap
branch
from
89c912e
to
678b603
Compare
nowNick
force-pushed
the
feat/implement-missing-www-authenticate-headers-ldap
branch
2 times, most recently
from
7bd0f83
to
cd60cae
Compare
jschmid1
approved these changes
May 31, 2024
nowNick
force-pushed
the
feat/implement-missing-www-authenticate-headers-ldap
branch
2 times, most recently
from
754bcd3
to
2b25048
Compare
nowNick
force-pushed
the
feat/implement-missing-www-authenticate-headers-ldap
branch
from
2b25048
to
b399410
Compare
hanshuebner
deleted the
feat/implement-missing-www-authenticate-headers-ldap
branch
|
Cherry-pick failed for Please cherry-pick the changes locally. git remote add upstream https://github.com/kong/kong-ee
git fetch upstream master
git worktree add -d .worktree/cherry-pick-11820-to-master-to-upstream upstream/master
cd .worktree/cherry-pick-11820-to-master-to-upstream
git checkout -b cherry-pick-11820-to-master-to-upstream
ancref=$(git merge-base 50f5a37a41325f92a367f25bcdf6cd58fd399960 b399410e16ea478daa57f076de18b9f2a92e7cdb)
git cherry-pick -x $ancref..b399410e16ea478daa57f076de18b9f2a92e7cdb |
github-actions
bot
added
the
incomplete-cherry-pick
nowNick
removed
the
incomplete-cherry-pick
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
When kong returns
401 Unauthorizedresponse it should returnWWW-Authenticateheader with proper challenge. Ldap auth was missing this header on some responses.Related PRs:
RFCs & Materials
Checklist
changelog/unreleased/kongorskip-changeloglabel added on PR if changelog is unnecessary. README.mdThere is a user-facing docs PR against https://github.com/Kong/docs.konghq.com - PUT DOCS PR HEREFull changelog
WWW-Authenticateheader to all ldap 401 responseIssue reference