401 and 403 errors treated indistinguishably by client

Bug #956513 reported by Gabriel Hurley
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Glance
Fix Released
High
Gabriel Hurley

Bug Description

Glance's client code treats status codes 401 (Not Authorized) and 403 (Forbidden) as the same error, and consequently raises the same exception for each: https://github.com/openstack/glance/blob/master/glance/common/client.py#L533

This is inappropriate, as the two are distinct errors with different meanings, and different actions need to be taken for each. The key distinction being that with a 401 you might be able to complete the request with proper authorization, whereas with 403 "Authorization will not help and the request SHOULD NOT be repeated." (from the W3C spec).

Without distinct exceptions in the client this can't be respected by any handler.

Changed in glance:
assignee: nobody → Gabriel Hurley (gabriel-hurley)
status: New → Confirmed
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to glance (master)

Fix proposed to branch: master
Review: https://review.openstack.org/5435

Changed in glance:
status: Confirmed → In Progress
Brian Waldon (bcwaldon)
Changed in glance:
milestone: none → essex-rc1
Jay Pipes (jaypipes)
Changed in glance:
importance: Undecided → High
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to glance (master)

Reviewed: https://review.openstack.org/5435
Committed: http://github.com/openstack/glance/commit/2e94076ca43ee3f31b1fc7f46b4c137d36bcd7db
Submitter: Jenkins
Branch: master

commit 2e94076ca43ee3f31b1fc7f46b4c137d36bcd7db
Author: Gabriel Hurley <email address hidden>
Date: Thu Mar 15 16:09:08 2012 -0700

    Disambiguates HTTP 401 and HTTP 403 in Glance. Fixes bug 956513.

    Change-Id: I82865293f60eabaf3bc40b40dc9c8612b12a6d1b

Changed in glance:
status: In Progress → Fix Committed
Thierry Carrez (ttx)
Changed in glance:
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in glance:
milestone: essex-rc1 → 2012.1
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.