Uploaded image for project: 'Puppet Enterprise'
  1. Puppet Enterprise
  2. ENTERPRISE-1244

Console login page, username/password combination entry incorrect message

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Open
    • Priority: Critical
    • Resolution: Unresolved
    • Affects Version/s: PE 2019.0.2
    • Fix Version/s: None
    • Component/s: Console, Console Auth
    • Labels:
    • Environment:

      Production.

    • Template:
    • Console Browser:
      Chrome
    • Master Config:
      Monolithic
    • Agent OS:
      RHEL 7 (x86_64)
    • Master OS:
      RHEL 7 (x86_64)
    • Acceptance Criteria:
      Hide

      The message states something similar to "The username/password combination entered is incorrect. If you believe you have received this message in error, please contact the administrator." when a user enters the wrong username or password on the console.

      Show
      The message states something similar to "The username/password combination entered is incorrect. If you believe you have received this message in error, please contact the administrator." when a user enters the wrong username or password on the console.
    • Team:
      Dumpling
    • CS Priority:
      Reviewed
    • Zendesk Ticket IDs:
      34254,34984
    • Zendesk Ticket Count:
      2
    • QA Risk Assessment:
      Needs Assessment

      Description

      Security vulnerability, by disclosing directory structure information.

      Console login page, username/password combination entry incorrect message

      change from

      "The username/password combination entered is incorrect. If you believe you have received this message in error, please consult the logs at /var/log/puppetlabs/console-services/console-service.log."

      to

      "The username/password combination entered is incorrect. If you believe you have received this message in error, please contact the administrator."

      Setting found in the following part of the console-ui repo:

      pe-console-ui/src/puppetlabs/pe_console_auth_ui/routes.clj

      pe-console-ui/locales/ja.po

      pe-console-ui/locales/pe-console-ui.pot

      part of the console-services jar{{}}

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            andrewkzimmerman Andrew K. Zimmerman
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Dates

              Created:
              Updated:

                Zendesk Support