Opened 18 years ago
Closed 15 years ago
#3817 closed enhancement (worksforme)
/admin and 500 error
Reported by: | Owned by: | Christopher Lenz | |
---|---|---|---|
Priority: | normal | Milestone: | |
Component: | admin/web | Version: | 0.10 |
Severity: | major | Keywords: | |
Cc: | Branch: | ||
Release Notes: | |||
API Changes: | |||
Internal Changes: |
Description
Trac webadmin should not throw a 500 error when an un-authorised user tries to access /admin, it should either state that the user must login, redirect to WikiStart or throw a 404 or 403.
Attachments (0)
Change History (6)
follow-up: 2 comment:1 by , 18 years ago
Component: | webadmin → general |
---|---|
Milestone: | → 0.10.1 |
Owner: | changed from | to
Type: | defect → enhancement |
Version: | devel → 0.10 |
comment:2 by , 18 years ago
Replying to Pedro Algarvio, aka, s0undt3ch <ufs@ufsoft.org>:
Sorry the above 404 should be 401 - Authorization Required
When sending a 401 response the server also needs to include an authentication challenge, like you would get when clicking on /login. We don't know how the user has configured authentication, so it's impossible to send the challenge. A 403 error would probably be appropriate.
comment:3 by , 18 years ago
Component: | general → webadmin |
---|---|
Milestone: | 0.10.1 |
Owner: | changed from | to
Actually the milestones don't apply to WebAdmin since's it's not part of the core yet.
comment:4 by , 18 years ago
Resolution: | → worksforme |
---|---|
Status: | new → closed |
Well, right now going to /admin without any ADMIN proivilege gives you a 404 with the following message:
Not Found No administration panels available
So I think this addresses the problem adequately.
follow-up: 6 comment:5 by , 15 years ago
Resolution: | worksforme |
---|---|
Status: | closed → reopened |
Version: | 0.10 → 0.11.4 |
This problem also manifests itself when an Admin user logs out while viewing an Admin page. Rather than attempting to remain on the current page, Trac should navigate to the main Wiki page (i.e. where a visitor who has yet to log in would be directed).
comment:6 by , 15 years ago
Resolution: | → worksforme |
---|---|
Status: | reopened → closed |
Version: | 0.11.4 → 0.10 |
Replying to dh214d@…:
This problem also manifests itself when an Admin user logs out while viewing an Admin page.
And it gives the message:
Error: Not Found Unknown administration panel
and a 404 error code which, according to the ticket description and comment:4, is adequate. So I'm re-closing this as "worksforme".
You could file a new enhancement request if you would like another behavior (the redirect), but I suspect there would be some resistance against including this into core. It could easily be made into a plugin, though.
Sorry the above 404 should be 401 - Authorization Required
One more thing though, the 500 error is not one of those the simply get's us a blanc page with a traceback, the web UI shows up good, but internally it sends a 500 error, which in my opinion is not good, or at the least, could be better.