Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Returning an explicit session validation response instead of http status #2157

Merged
merged 1 commit into from May 2, 2016

Conversation

@dennisoelkers
Copy link
Member

@dennisoelkers dennisoelkers commented Apr 28, 2016

This helps us to prevent basic auth popups showing up for the request,
because of browsers intercepting 401s for non-CORS requests. Helps a lot
when the web interface is served over a single port using a relative
server URL like proposed and enabled in #2156.

This helps us to prevent basic auth popups showing up for the request,
because of browsers intercepting 401s for non-CORS requests. Helps a lot
when the web interface is served over a single port using a relative
server URL like proposed and enabled in #2156.
@dennisoelkers dennisoelkers added the web label Apr 28, 2016
@dennisoelkers dennisoelkers added this to the 2.0.1 milestone Apr 28, 2016

@AutoValue
@JsonAutoDetect
public abstract class SessionValidationResponse {

This comment has been minimized.

@joschi

joschi Apr 28, 2016
Contributor

Maybe it would be useful to add the user name of the user who created the session in the response.

This comment has been minimized.

@dennisoelkers

dennisoelkers Apr 28, 2016
Author Member

Good idea. That would also help us because we don't need to keep it around in localStorage in the web interface. This would be done in a separate PR though.

@joschi joschi self-assigned this May 2, 2016
@joschi
Copy link
Contributor

@joschi joschi commented May 2, 2016

LGTM.

@joschi joschi merged commit 5eb97e8 into 2.0 May 2, 2016
4 checks passed
4 checks passed
ci-server-integration Jenkins build graylog2-server-integration-pr 873 has succeeded
Details
ci-web-linter Jenkins build graylog-pr-linter-check 361 has succeeded
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
continuous-integration/travis-ci/push The Travis CI build passed
Details
@joschi joschi deleted the explicit-session-validation-response branch May 2, 2016
dennisoelkers added a commit that referenced this pull request May 2, 2016
(cherry picked from commit 9d97be2)
#
# Last 5 commit messages
# ----------------------
# a346e16 Improve index rotation/retention upgrade documentation (#2171) [Bernd Ahlers]
# 5eb97e8 Return explicit session validation response instead of HTTP status (#2157) [Dennis Oelkers]
# b714c0f Really use correct link to Users & Roles docs [Jochen Schalanda]
# c82ff6f Use correct link to Users & Roles documentation [Jochen Schalanda]
# ef19e14 Add '1.3' and '2.0' to Travis CI deploy branch list [Jochen Schalanda]
#
# ESLint output
# -------------
dennisoelkers added a commit that referenced this pull request May 2, 2016
(cherry picked from commit 25a83cd)
#
# Last 5 commit messages
# ----------------------
# ff7b9bb Fixing spacing for getting started error message. [Dennis Oelkers]
# a346e16 Improve index rotation/retention upgrade documentation (#2171) [Bernd Ahlers]
# 5eb97e8 Return explicit session validation response instead of HTTP status (#2157) [Dennis Oelkers]
# b714c0f Really use correct link to Users & Roles docs [Jochen Schalanda]
# c82ff6f Use correct link to Users & Roles documentation [Jochen Schalanda]
#
# ESLint output
# -------------
joschi pushed a commit that referenced this pull request May 3, 2016
…2157)

This helps us to prevent basic auth popups showing up for the request,
because of browsers intercepting 401s for non-CORS requests. Helps a lot
when the web interface is served over a single port using a relative
server URL like proposed and enabled in #2156.
(cherry picked from commit 5eb97e8)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

2 participants
You can’t perform that action at this time.