@cwperks cwperks commented Jun 6, 2025

Description

This PR is a replacement for opensearch-project#5221 which simplifies the logic in the basic authenticator.

The goal is to only log this in valid scenarios. The following criteria need to be met:

  • Request has no Authorization header
  • There is a challenging basic auth authenticator
  • Request is not for the SAML authtoken endpoint (used in ACS flow) which does not accept an Authorization header (it's the endpoint that accepts the XML assertion) and is used in the SAML flow.

Category (Enhancement, New feature, Bug fix, Test fix, Refactoring, Maintenance, Documentation)

Bugfix

Check List

  • New functionality includes testing
  • New functionality has been documented
  • New Roles/Permissions have a corresponding security dashboards plugin PR
  • API changes companion pull request created
  • Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

cwperks added 2 commits June 6, 2025 11:12
Signed-off-by: Craig Perkins <[email protected]>
Signed-off-by: Craig Perkins <[email protected]>
@cwperks cwperks changed the title Simplify logic for when to send challenge response for basic authenticator Simplify logic for when log challenge for basic authenticator Jun 6, 2025