[katello-devel] Candlepin Auth Integration Phase One
Devan Goodwin
dgoodwin at rm-rf.ca
Wed Jun 22 15:11:27 UTC 2011
On Wed, Jun 22, 2011 at 12:02 PM, James Bowes <jbowes at redhat.com> wrote:
> On Wed, Jun 22, 2011 at 11:52:44AM -0300, Devan Goodwin wrote:
>> On Wed, Jun 22, 2011 at 11:44 AM, Lukas Zapletal <lzap at redhat.com> wrote:
>> > On 06/22/2011 04:33 PM, Devan Goodwin wrote:
>> >>
>> >> However if the request in step 2
>> >> only returned one owner, the POST will go through to just /consumers,
>> >> it will reach Candlepin, see the user is a super-admin with access to
>> >> many owners, and error out. Any idea how to solve? Can Katello inject
>> >> this or do we need to fix on client?
>> >
>> > How about sending ?owner=key every time (even for single owner case)? That
>> > should work on the Candlepin side...
>> >
>> > if (owner == null) {
>> > // wont reach the check
>> > }
>>
>> Yeah it should probably send it no matter what. I will make this change.
>>
>
> We can't; there's already clients in the wild sending register requests
> without it.
Bearing in mind I'm omitting the server side skip lzap mentioned above
(if no owner specified we still need to check), and just doing a
client side change to get the CLI register to always specify an owner
key (the GUI appears to already do this), I think we're ok. Server
itself will still function if it's not there as described, this would
just get registrations passing through Katello operational. (and even
this is probably short term)
IIRC we're operating under the assumption that client updates will be
required to register to Katello. (I am double checking this now)
--
Devan Goodwin <dgoodwin at rm-rf.ca>
http://rm-rf.ca
More information about the katello-devel
mailing list