-
-
Notifications
You must be signed in to change notification settings - Fork 249
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Using auth-proxy username not detected #292
Comments
Hi @oktorok, thanks for reporting. It looks like a bug indeed. |
Hi @bugy i have been looking around this bug, and although i didn't find the exact problem, because the problem has to do with request_handler and im not sure where is generated. Anyway i can tell you that the problem appers when there are upper cases in the |
Wow, thanks for checking! I thought I knew the root cause, until you said, that it works sometimes... |
My configuration is this one:
The problem i saw is that in the file
Now that i think it... that actually make sense because the headers are not case sensitive meaning that you receive all headers in lower case meanwhile in conf file i wrote with capital letters, Maybe i would suggest a |
Sorry, i was wrong, its not working yet, but now i can see that the value is taken properly in identification.py. I will still looking on it. Thank you so much for this project ^^ |
in logging.py file USERNAME is mapped with username whose value comes from:
As i saw the Then the problem could be that one of these names should have been mapped to What are your thoughts? |
Hi @oktorok, I guess this guy is gulty It takes auth username, but in case of header identification, we don't use auth PS you cannot bother by helping me :) |
Then i understand that this value we are looking for should be at before
Maybe the solution is modify it like this:
If i remember correctly for use user_header_name auth needs to be disable then we will be sure to user_id is the value we want and not an random one, in case user_header_name is not present it will return None as he does right now |
@oktorok yes, it would work. |
I see your point, and im agree with you, is more clean if auth only auts and identification only identify. Then this could be done in
|
Yep, looks better and more isolated to me My only concern now, that you will get randomly generated user id, if neither auth nor header_name is enabled. It will be like 123.456.789-abc-def. I'm not sure, if it will be an expected behaviour. To show this ID everywhere in logging. Usually showing simple IP or hostname would be easier to identify the user |
But it There, in case If it does not exist, means that
In both cases ip/random-token work as identifier of the client then its logic they become client's username. What do you think? maybe im misunderstanding something. |
Previously, the audit name would be resolved as a proxy basic auth or user's PC as a fallback to auth. |
You mean change the value that USERNAME receive when no auth + ip and no auth + random token? |
I'm not sure, what you mean :)
In any other case, I would prefer keeping |
Okay thanks for the explication :p. Yes.. if USERNAME is mapped with user_id, then, in the cases where user_id is equal to an ip or a token effectively will have none sense as username. Maybe sending server_conf.user_header_name to audit_utils.py as argument:
What do you think? Although maybe is a bit ugly send user_header_name like that to the function. |
I'm coming from OOP world, so for me more natural would be to make |
I am a completely amateur in OOP, i just need to force me to create objects because in my mind everything are functions ^_^'' Then the thing will be create a method in Identification class:
And in
|
:) Not really (only showing new lines, and I though that
And then the code in audit_utils remains pretty simple (instead of auth):
So, because of OOP polymorphism concept, audit_utils doesn't care how identifications work internally. |
Oh, I see. Thank you so much for everything. I have implemented it on my server and works perfectly. Than you so much again 😄 |
Do you want to make a pull request? So we can add it as a feature
Jaume <[email protected]> schrieb am Fr., 17. Apr. 2020, 00:31:
… Oh, I see.
Thank you so much for everything. I have implemented it on my server and
works perfectly.
If you need anything from me i would be pleased to help you.
Than you so much again 😄
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#292 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAJXPJN7KBKGAZZOGI63VY3RM6BMXANCNFSM4MIVSWLA>
.
|
I think i did it, i'm not sure because is my first time doing a pull request :p |
I have auth-proxy configuration, everything works fine but in the logs the variable USERNAME is None instead of the value in my user_header_name
conf.json
The text was updated successfully, but these errors were encountered: