[ 
https://issues.apache.org/jira/browse/GUACAMOLE-598?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Nick Couchman reopened GUACAMOLE-598:
-------------------------------------

Changes from this issue introduce a regression in modules that do not provide a 
userContext.  For such modules (Header, CAS, RADIUS), the call to 
/api/session/data/<dataSource>/user/<username> returns a 404 error.  Prior to 
these changes, that error was silently ignored by the web front-end - after 
these changes the 404 results in the generic error message.

The specific commit that introduced the regression is:

{quote}
5866c7e251f05c9345f77215713d4549575db2df is the first bad commit
commit 5866c7e251f05c9345f77215713d4549575db2df
Author: Michael Jumper <mjum...@apache.org>
Date:   Tue Jun 26 22:49:06 2018 -0700

    GUACAMOLE-598: Abort rendering of pages if critical data fails to load 
(data without which the page is non-functional).
{quote}

> Fail cleanly if authentication backend is down / misconfigured
> --------------------------------------------------------------
>
>                 Key: GUACAMOLE-598
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-598
>             Project: Guacamole
>          Issue Type: Improvement
>          Components: guacamole
>            Reporter: Michael Jumper
>            Assignee: Michael Jumper
>            Priority: Major
>             Fix For: 2.0.0
>
>         Attachments: guac-generic-error.png
>
>
> Depending on the extension in use, it is possible for a backend 
> authentication system (such as a MySQL database, LDAP directory, etc.) to 
> become unreachable or to be fatally misconfigured, resulting in an internal 
> failure during authentication attempts. Because of the way such internal 
> failures are handled, this can cause the Guacamole login screen to fail to 
> display entirely, masking any notification that might advise the user of the 
> failure.
> The authentication system should fail cleanly. As long as doing so does not 
> reveal sensitive information about the system, the fact that an error has 
> occurred should be relayed to the user such that they can contact their 
> administrator or check the relevant logs.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to