Enforce authentication on api/status route by default #943

@cliu123 cliu123 commented Apr 13, 2022

Signed-off-by: Chang Liu [email protected]

Description

Enforce authentication on api/status route by default.

Category

Bug fix

Why these changes are required?

Secure api/status route

What is the old behavior before changes and new behavior after changes?

Old behavior:
api/status route bypasses authentication by default.
New behavior:
Enforce authentication on api/status route by default unless user explicitly configures api/status as opensearch_security.auth.unauthenticated_routes: ["/api/status"].

Issues Resolved

#945

Testing

ITs

Check List

  • New functionality includes testing
  • Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.
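
An added example, not part of this pull request or the plugin's code: a small Node.js audit that reads an opensearch_dashboards.yml and reports whether /api/status has been opted back out of authentication through opensearch_security.auth.unauthenticated_routes. It assumes flat dotted keys and a build that includes this change; the function names and sample configs are constructed for illustration.

```javascript
// Added example; function names and sample configs are constructed, flat dotted keys assumed.
const KEY = 'opensearch_security.auth.unauthenticated_routes';
const stripQuotes = (s) => s.trim().replace(/^["']|["']$/g, '');

// Return every route listed under KEY; an absent or commented-out key yields [].
function unauthenticatedRoutes(yamlText) {
  const lines = yamlText.split(/\r?\n/);
  const routes = [];
  for (let i = 0; i < lines.length; i++) {
    if (/^\s*#/.test(lines[i])) continue;            // commented-out setting is inactive
    const m = lines[i].replace(/\s+#.*$/, '').match(/^([\w.]+)\s*:\s*(.*)$/);
    if (!m || m[1] !== KEY) continue;
    const value = m[2].trim();
    if (value.startsWith('[')) {                      // inline form: ["/a", "/b"]
      const inner = value.replace(/^\[|\]$/g, '');
      routes.push(...inner.split(',').map(stripQuotes).filter(Boolean));
    } else if (value === '') {                        // block form: one "- /route" per line
      for (let j = i + 1; j < lines.length; j++) {
        const item = lines[j].match(/^\s*-\s*(.+)$/);
        if (!item) break;
        routes.push(stripQuotes(item[1]));
      }
    }
  }
  return routes;
}

// Flag the opt-out; trailing slashes are ignored (a conservative choice of this audit).
function auditStatusRoute(yamlText) {
  const routes = unauthenticatedRoutes(yamlText);
  const statusExempt = routes.some((r) => r.replace(/\/+$/, '') === '/api/status');
  return { routes, statusExempt };
}

// Constructed sample configs.
const enforced = [
  'opensearch.hosts: ["https://localhost:9200"]',
  '# opensearch_security.auth.unauthenticated_routes: ["/api/status"]',
].join('\n');
const optedOut = [
  'opensearch_security.auth.unauthenticated_routes:',
  '  - "/api/status"',
  '  - /example/health',
].join('\n');
for (const [name, cfg] of Object.entries({ enforced, optedOut })) {
  const { routes, statusExempt } = auditStatusRoute(cfg);
  console.log(`${name}: exempt routes=${JSON.stringify(routes)} statusExempt=${statusExempt}`);
}
```

On a build that predates this change, an absent key does not mean the route is protected, since the old default bypassed authentication.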

@cliu123 cliu123 requested a review from a team April 13, 2022 05:16
codecov-commenter commented Apr 13, 2022

Codecov Report

Merging #943 (ea89698) into main (d9ae155) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             main     #943   +/-   ##
=======================================
  Coverage   72.14%   72.14%           
=======================================
  Files          87       87           
  Lines        1906     1906           
  Branches      242      242           
=======================================
  Hits         1375     1375           
  Misses        477      477           
  Partials       54       54           


@cliu123 cliu123 force-pushed the enforce_authentication_on_status_api_by_default branch from 3271a31 to 9969aa2 Compare April 13, 2022 05:33
@cliu123 cliu123 changed the title Enforce authentication on api/status route by default Enforce authentication on api/status route by default Apr 13, 2022
@cliu123 cliu123 force-pushed the enforce_authentication_on_status_api_by_default branch 3 times, most recently from e707034 to 4391d44 Compare April 13, 2022 06:02
@cliu123 cliu123 force-pushed the enforce_authentication_on_status_api_by_default branch from 4391d44 to 71c89bd Compare April 13, 2022 06:28
@peternied peternied merged commit 6d6c5b7 into opensearch-project:main Apr 14, 2022
@cliu123 cliu123 deleted the enforce_authentication_on_status_api_by_default branch April 15, 2022 22:15
kavilla added a commit to kavilla/opensearch-build that referenced this pull request Apr 16, 2022
Allow for the API status for OSD not to enforce auth.

opensearch-project/security-dashboards-plugin#943

Issue:
n/a

Signed-off-by: Kawika Avilla <[email protected]>
cliu123 added a commit that referenced this pull request Apr 16, 2022
peterzhuamazon added a commit to peterzhuamazon/security-dashboards-plugin that referenced this pull request Apr 16, 2022
cliu123 pushed a commit that referenced this pull request Apr 16, 2022