yahoo-eng-team team mailing list archive

[Jamie Lennox <jamielennox@xxxxxxxxxx>]

Public bug reported:

The login page for horizon is mounted at /auth/login, however when you
hit the root GET / page you are not redirected to /auth/login instead
the form is rendered as part of the main page.

This means that anyone configuring apache to handle different
authentication mechanisms can't use the Location /auth/login segment to
enforce kerberos or client certificate requirements. Horizon should
always redirect to /auth/login to do login information.

** Affects: horizon
     Importance: Undecided
     Assignee: Jamie Lennox (jamielennox)
         Status: In Progress

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1418440

Title:
  Login page is rendered as part of GET /

Status in OpenStack Dashboard (Horizon):
  In Progress

Bug description:
  The login page for horizon is mounted at /auth/login, however when you
  hit the root GET / page you are not redirected to /auth/login instead
  the form is rendered as part of the main page.

  This means that anyone configuring apache to handle different
  authentication mechanisms can't use the Location /auth/login segment
  to enforce kerberos or client certificate requirements. Horizon should
  always redirect to /auth/login to do login information.

To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1418440/+subscriptions