mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-23 15:40:01 -06:00
AD user without override receive InternalServerError with API
When ipa commands are used by an Active Directory user that does not have any idoverride-user set, they return the following error message which can be misleading: $ kinit aduser@ADDOMAIN.COM $ ipa ping ipa: ERROR: cannot connect to 'https://master.ipa.com/ipa/json': Internal Server Error The fix properly handles ACIError exception received when creating the context, and now the following message can be seen: $ kinit aduser@ADDOMAIN.COM $ ipa ping ipa: ERROR: cannot connect to 'https://master.ipa.com/ipa/json': Unauthorized with the following log in /var/log/httpd/error_log: ipa: INFO: 401 Unauthorized: Insufficient access: Invalid credentials Fixes: https://pagure.io/freeipa/issue/8163 Reviewed-By: Alexander Bokovoy <abbra@users.noreply.github.com>
This commit is contained in:
parent
5fe8fc6298
commit
e2d69380fb
@ -694,7 +694,7 @@ class KerberosWSGIExecutioner(WSGIExecutioner, KerberosSession):
|
||||
status = HTTP_STATUS_SUCCESS
|
||||
response = status.encode('utf-8')
|
||||
start_response(status, self.headers)
|
||||
return self.marshal(None, e)
|
||||
return [self.marshal(None, e)]
|
||||
finally:
|
||||
destroy_context()
|
||||
return response
|
||||
|
Loading…
Reference in New Issue
Block a user