Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Basic auth with no creds does not give a warning. #2346

Closed
abhivka7 opened this issue Dec 14, 2022 · 2 comments
Closed

[BUG] Basic auth with no creds does not give a warning. #2346

abhivka7 opened this issue Dec 14, 2022 · 2 comments
Labels
bug Something isn't working triaged Issues labeled as 'Triaged' have been reviewed and are deemed actionable.

Comments

@abhivka7
Copy link
Contributor

abhivka7 commented Dec 14, 2022
edited
Loading

What is the bug?
Using basic auth with no creds should give a warning in logs. But right now the logging level is trace and not warn.

How can one reproduce the bug?
Steps to reproduce the behavior:

  1. Create an opensearch domain with basic auth, and try to do a get request on it without passing credentials. It will just send the message: "Unauthorized" and only log if trace logging is enabled.

What is the expected behavior?
As an admin, I don't have any visibility into why my users are not able to login without enabling trace logs

What is your host/environment?

  • Security plugin enabled with OpenSearch 1.3 domain
@abhivka7 abhivka7 added bug Something isn't working untriaged Require the attention of the repository maintainers and may need to be prioritized labels Dec 14, 2022
@abhivka7 abhivka7 mentioned this issue Dec 14, 2022
Merged
@DarshitChanpura DarshitChanpura added triaged Issues labeled as 'Triaged' have been reviewed and are deemed actionable. and removed untriaged Require the attention of the repository maintainers and may need to be prioritized labels Dec 19, 2022
@DarshitChanpura
Copy link
Member

[Triage] @abhivka7 Thank you for filing this bug. Could you please elaborate more on the use case that you have in mind for this scenario?

@cwperks
Copy link
Member

cwperks commented Dec 22, 2022

Closing this issue.

This has been merged into main and 2.x:

@cwperks cwperks closed this as completed Dec 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working triaged Issues labeled as 'Triaged' have been reviewed and are deemed actionable.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@cwperks @DarshitChanpura @abhivka7