-
Notifications
You must be signed in to change notification settings - Fork 104
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enhance the log messages for authentication failures #1241
base: master
Are you sure you want to change the base?
Conversation
This looks indeed interesting and benifitial for others +1 |
Hi Stefan, I hope you are doing well! Is it possible for you to help me review this patch? Any feedbacks are greatly appreciated! I also find several other log messages that may help with debugging the access-denied issues. I will submit more patches if that helps :) Best, |
@byshen there is one thing related to the authentication code that must be done first. But while fixing that I stumbled on something that I don't like. |
Is there something that I can help with? Thank you. Bingyu |
@skinkie Hi, I added some more messages related to access control checks. Could you please help me review this patch? Any feedbacks are appreciated! |
@byshen this is what I get using fixed list authentication. I don't think this is what we want to confuse our users with. My suggestion; I think you should this approach this from a CHEROKEE_TRACE perspective.
|
Thanks for the update. I changed the descriptions to make log message more appropriate (obviously it is not a CODING_BUG, my apologies). 624fd0c I was also thinking about using If you feel |
In my perspective if you are debugging something it should not be enabled permanently. |
Thanks for the feedback. I raised another PR #1246 to change the messages to Please let me know if that is more appropriate. Thank you! |
…mation for required write permission
I hope you are safe and well in this difficult times.
In the
cherokee_connection_check_authentication()
function, Cherokee will check the authorization info in the connection during the setup stage. When the authentication fails, there is little info about how it failed. (e.g. wrong authentication type, invalid user, or wrong password.) All the messages are simply 401 unauthorized errors.I feel it would be beneficial to create some more hints for the sysadmins to know how the authentication fails when users were denied access. So I created some messages inside the authorization function, before it returns an unauthorized error.
Any thoughts are appreciated!