Edgewall Software
Modify

Opened 18 years ago

Closed 15 years ago

#3817 closed enhancement (worksforme)

/admin and 500 error

Reported by: Pedro Algarvio, aka, s0undt3ch <ufs@…> Owned by: Christopher Lenz
Priority: normal Milestone:
Component: admin/web Version: 0.10
Severity: major Keywords:
Cc: Branch:
Release Notes:
API Changes:
Internal Changes:

Description

Trac webadmin should not throw a 500 error when an un-authorised user tries to access /admin, it should either state that the user must login, redirect to WikiStart or throw a 404 or 403.

Attachments (0)

Change History (6)

comment:1 by Pedro Algarvio, aka, s0undt3ch <ufs@…>, 18 years ago

Component: webadmingeneral
Milestone: 0.10.1
Owner: changed from Christopher Lenz to Jonas Borgström
Type: defectenhancement
Version: devel0.10

Sorry the above 404 should be 401 - Authorization Required

One more thing though, the 500 error is not one of those the simply get's us a blanc page with a traceback, the web UI shows up good, but internally it sends a 500 error, which in my opinion is not good, or at the least, could be better.

in reply to:  1 comment:2 by Matthew Good, 18 years ago

Replying to Pedro Algarvio, aka, s0undt3ch <ufs@ufsoft.org>:

Sorry the above 404 should be 401 - Authorization Required

When sending a 401 response the server also needs to include an authentication challenge, like you would get when clicking on /login. We don't know how the user has configured authentication, so it's impossible to send the challenge. A 403 error would probably be appropriate.

comment:3 by Matthew Good, 18 years ago

Component: generalwebadmin
Milestone: 0.10.1
Owner: changed from Jonas Borgström to Christopher Lenz

Actually the milestones don't apply to WebAdmin since's it's not part of the core yet.

comment:4 by Christian Boos, 18 years ago

Resolution: worksforme
Status: newclosed

Well, right now going to /admin without any ADMIN proivilege gives you a 404 with the following message:

Not Found

No administration panels available

So I think this addresses the problem adequately.

comment:5 by dh214d@…, 15 years ago

Resolution: worksforme
Status: closedreopened
Version: 0.100.11.4

This problem also manifests itself when an Admin user logs out while viewing an Admin page. Rather than attempting to remain on the current page, Trac should navigate to the main Wiki page (i.e. where a visitor who has yet to log in would be directed).

in reply to:  5 comment:6 by Remy Blank, 15 years ago

Resolution: worksforme
Status: reopenedclosed
Version: 0.11.40.10

Replying to dh214d@…:

This problem also manifests itself when an Admin user logs out while viewing an Admin page.

And it gives the message:

Error: Not Found

Unknown administration panel

and a 404 error code which, according to the ticket description and comment:4, is adequate. So I'm re-closing this as "worksforme".

You could file a new enhancement request if you would like another behavior (the redirect), but I suspect there would be some resistance against including this into core. It could easily be made into a plugin, though.

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Christopher Lenz.
The resolution will be deleted. Next status will be 'reopened'.
to The owner will be changed from Christopher Lenz to the specified user.

Add Comment


E-mail address and name can be saved in the Preferences .
 
Note: See TracTickets for help on using tickets.