-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(ldap): add missing www-authenticate headers #11820
Merged
hanshuebner
merged 1 commit into
master
from
feat/implement-missing-www-authenticate-headers-ldap
Jun 14, 2024
Merged
fix(ldap): add missing www-authenticate headers #11820
hanshuebner
merged 1 commit into
master
from
feat/implement-missing-www-authenticate-headers-ldap
Jun 14, 2024
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This was referenced Oct 23, 2023
nowNick
force-pushed
the
feat/implement-missing-www-authenticate-headers-ldap
branch
from
May 8, 2024 16:05
6b5f7fb
to
fd80cff
Compare
github-actions
bot
added
the
cherry-pick kong-ee
schedule this PR for cherry-picking to kong/kong-ee
label
May 8, 2024
nowNick
force-pushed
the
feat/implement-missing-www-authenticate-headers-ldap
branch
from
May 8, 2024 16:48
fd80cff
to
f5d4335
Compare
nowNick
force-pushed
the
feat/implement-missing-www-authenticate-headers-ldap
branch
from
May 9, 2024 09:36
f5d4335
to
a8c28ff
Compare
nowNick
force-pushed
the
feat/implement-missing-www-authenticate-headers-ldap
branch
2 times, most recently
from
May 9, 2024 12:54
2cba1f0
to
89c912e
Compare
hanshuebner
suggested changes
May 13, 2024
hanshuebner
approved these changes
May 14, 2024
nowNick
force-pushed
the
feat/implement-missing-www-authenticate-headers-ldap
branch
from
May 21, 2024 16:17
89c912e
to
678b603
Compare
nowNick
force-pushed
the
feat/implement-missing-www-authenticate-headers-ldap
branch
2 times, most recently
from
May 21, 2024 16:30
7bd0f83
to
cd60cae
Compare
jschmid1
approved these changes
May 31, 2024
nowNick
force-pushed
the
feat/implement-missing-www-authenticate-headers-ldap
branch
2 times, most recently
from
June 14, 2024 11:47
754bcd3
to
2b25048
Compare
nowNick
force-pushed
the
feat/implement-missing-www-authenticate-headers-ldap
branch
from
June 14, 2024 12:45
2b25048
to
b399410
Compare
hanshuebner
deleted the
feat/implement-missing-www-authenticate-headers-ldap
branch
June 14, 2024 13:08
Cherry-pick failed for Please cherry-pick the changes locally. git remote add upstream https://github.com/kong/kong-ee
git fetch upstream master
git worktree add -d .worktree/cherry-pick-11820-to-master-to-upstream upstream/master
cd .worktree/cherry-pick-11820-to-master-to-upstream
git checkout -b cherry-pick-11820-to-master-to-upstream
ancref=$(git merge-base 50f5a37a41325f92a367f25bcdf6cd58fd399960 b399410e16ea478daa57f076de18b9f2a92e7cdb)
git cherry-pick -x $ancref..b399410e16ea478daa57f076de18b9f2a92e7cdb |
github-actions
bot
added
the
incomplete-cherry-pick
A cherry-pick was incomplete and needs manual intervention
label
Jun 14, 2024
nowNick
removed
the
incomplete-cherry-pick
A cherry-pick was incomplete and needs manual intervention
label
Jun 18, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
cherry-pick kong-ee
schedule this PR for cherry-picking to kong/kong-ee
core/clustering
plugins/ldap-auth
schema-change-noteworthy
size/L
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
When kong returns
401 Unauthorized
response it should returnWWW-Authenticate
header with proper challenge. Ldap auth was missing this header on some responses.Related PRs:
RFCs & Materials
Checklist
changelog/unreleased/kong
orskip-changelog
label added on PR if changelog is unnecessary. README.mdThere is a user-facing docs PR against https://github.com/Kong/docs.konghq.com - PUT DOCS PR HEREFull changelog
WWW-Authenticate
header to all ldap 401 responseIssue reference