[
https://issues.apache.org/jira/browse/ATLAS-4465?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17437024#comment-17437024
]
ASF subversion and git services commented on ATLAS-4465:
--------------------------------------------------------
Commit c0700e436afccc04e7f77480d6fb8aed8e293db4 in atlas's branch
refs/heads/master from Radhika Kundam
[ https://gitbox.apache.org/repos/asf?p=atlas.git;h=c0700e4 ]
ATLAS-4465: Atlas login request should be allowed only for HTTP GET request
Signed-off-by: Sidharth Mishra <[email protected]>
> Atlas login request should be allowed only for HTTP GET request
> ----------------------------------------------------------------
>
> Key: ATLAS-4465
> URL: https://issues.apache.org/jira/browse/ATLAS-4465
> Project: Atlas
> Issue Type: Bug
> Affects Versions: 3.0.0
> Reporter: Radhika Kundam
> Assignee: Radhika Kundam
> Priority: Major
> Attachments: Error_for_login_POST_request.png
>
>
> {{Request to Atlas login page [http://localhost:21000/login.jsp] is
> returning the login page irrespective of type of
> RequestMethod(GET/DELETE/PUT/POST).}}
> Ex:
> curl -X GET -u <username>:<password> '[http://localhost:21000/login.jsp]'
> should return login page successfully.
> curl -X PUT -u <username>:<password> '[http://localhost:21000/login.jsp]'
> should not be allowed
> {{With this fix request to login page should be succeed only in case of Http
> RequestMethod GET and throw 405 error for all other request methods as shown
> in attached screenshot.}}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
