[Kimchi-devel] [PATCH] [Kimchi 2/2] Remove required authentication from /

Aline Manera alinefm at linux.vnet.ibm.com
Mon Dec 14 11:52:51 UTC 2015


Each plugin is able to specify if an URI needs or not authentication and
it must be per URI.
Setting / to require authentication to the whole application will lead on UI
issues and the frontend will not be able to load HTML content as it is
protected behind authentication.

This problem was identified when accessing an specific URI (for example,
https://localhost:8001/#plugins/kimchi/tabs/guests) without
login into Wok. The expected behavior was the user to be redirected to
the login page, but as the / was protected, a blank screen was shown.
So fix it, by removing authentication from / and keep it for specific
URIs.

Signed-off-by: Aline Manera <alinefm at linux.vnet.ibm.com>
---
 kimchi.conf             | 1 -
 tests/test_config.py.in | 3 +--
 2 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/kimchi.conf b/kimchi.conf
index ebf346f..1b0dbb3 100644
--- a/kimchi.conf
+++ b/kimchi.conf
@@ -16,7 +16,6 @@ tools.sessions.httponly = True
 tools.sessions.locking = 'explicit'
 tools.sessions.storage_type = 'ram'
 tools.sessions.timeout = 10
-tools.wokauth.on = True
 
 [/data/screenshots]
 tools.staticdir.on = True
diff --git a/tests/test_config.py.in b/tests/test_config.py.in
index 171dfbb..249176d 100644
--- a/tests/test_config.py.in
+++ b/tests/test_config.py.in
@@ -92,8 +92,7 @@ class ConfigTests(unittest.TestCase):
                 'tools.sessions.httponly': True,
                 'tools.sessions.locking': 'explicit',
                 'tools.sessions.storage_type': 'ram',
-                'tools.sessions.timeout': SESSIONSTIMEOUT,
-                'tools.wokauth.on': True
+                'tools.sessions.timeout': SESSIONSTIMEOUT
             },
             '/novnc': {
                 'tools.wokauth.on': True,
-- 
2.5.0




More information about the Kimchi-devel mailing list