[ 
https://issues.apache.org/jira/browse/TC-505?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16122259#comment-16122259
 ] 

ASF GitHub Bot commented on TC-505:
-----------------------------------

Github user dangogh commented on a diff in the pull request:

    
https://github.com/apache/incubator-trafficcontrol/pull/793#discussion_r132557250
  
    --- Diff: traffic_ops/app/conf/cdn.conf ---
    @@ -13,8 +13,9 @@
                access_control_allow_origin => '*'
        },
        to => {
    -           base_url   => 'http://localhost:3000',                    # 
this is where traffic ops app resides
    -           email_from => 'no-re...@traffic-ops-domain.com'           # 
traffic ops email address
    +           base_url                                => 
'http://localhost:3000',                                                        
                                                                                
             # this is where traffic ops app resides
    +           email_from                              => 
'no-re...@traffic-ops-domain.com',                                              
                                                                                
             # traffic ops email address
    +           no_account_found_msg    => 'A Traffic Ops user account is 
required for access. Please contact your Traffic Ops user administrator.'     # 
message to display if no TO account is found in tm_user
        },
    --- End diff --
    
    TABs added in there?


> LDAP only users are greeted with a 404 for all UI / API routes
> --------------------------------------------------------------
>
>                 Key: TC-505
>                 URL: https://issues.apache.org/jira/browse/TC-505
>             Project: Traffic Control
>          Issue Type: Bug
>          Components: Traffic Ops, Traffic Ops API
>    Affects Versions: 2.1.0
>            Reporter: Jeremy Mitchell
>            Assignee: Jeremy Mitchell
>            Priority: Critical
>
> This is because not_ldap => 1 was added to all routes via this PR:
> https://github.com/apache/incubator-trafficcontrol/pull/627
> which results in a 404 for all UI / API routes if you don't have a user entry 
> in the tm_user table.
> Rather than 404, if you login as ldap-only, you should get a 403 (forbidden) 
> with a nice message about what you should do.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to