
Internal authN backend: make it impossible to successfully log in with a blank password (for 3.6.x) #1466


Merged (4 commits) on Jan 9, 2018

Conversation

@michaelklishin (Collaborator) commented Jan 5, 2018

Proposed Changes

This disables logins with a blank provided password in the internal authN backend. There should be no reason to use passwordless users and password-based authentication (the PLAIN authentication mechanism). Blank passwords are only useful when they are, ahem, not used because authentication is handled out of band, e.g. via x509 certificates.

It is still possible to create a user with a blank password or clear a password on an existing user. When the EXTERNAL authentication mechanism is used, the internal backend is not involved at all.

Note that this change is limited to the internal backend only. External backends such as LDAP are considered to not be controlled by the broker.

Checklist

  • I have read the CONTRIBUTING.md document
  • I have signed the CA (see https://cla.pivotal.io/sign/rabbitmq)
  • All tests pass locally with my changes
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)
  • Any dependent changes have been merged and published in related repositories

Further Comments

[#153435857]

Passwordless users were never meant to be used this way. Since
the EXTERNAL authentication mechanism won't use this backend at all,
this is a reasonable safeguard to put in place.

[#153435857]
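An added illustration of the safeguard described above, written in Python rather than the broker's Erlang; it is not code from this PR or from RabbitMQ. The salted-digest scheme, the in-memory user table and both check functions are constructed for the example. It shows why a blank-password check is needed even though the stored credential is hashed: a user whose password was cleared stores the digest of "", so a blank PLAIN login would otherwise verify.

```python
import hashlib
import hmac
import os

# Constructed storage format for the example: 4-byte salt followed by
# SHA-256(salt || password). Not RabbitMQ's actual on-disk format.
SALT_LEN = 4


def _digest(salt: bytes, password: str) -> bytes:
    return salt + hashlib.sha256(salt + password.encode("utf-8")).digest()


def make_user(password: str) -> bytes:
    """Create the stored credential; a blank password is allowed here."""
    return _digest(os.urandom(SALT_LEN), password)


# Constructed user table: alice is a passwordless user meant only for
# out-of-band (x509 / EXTERNAL) authentication, bob uses PLAIN.
USERS = {
    "alice": make_user(""),
    "bob": make_user("s3cret"),
}


def _hash_matches(stored: bytes, password: str) -> bool:
    salt = stored[:SALT_LEN]
    return hmac.compare_digest(stored, _digest(salt, password))


def check_login_before(username: str, password: str) -> bool:
    """Behaviour before the fix: a blank password is compared like any
    other, so a passwordless user such as alice logs in with ''."""
    stored = USERS.get(username)
    return stored is not None and _hash_matches(stored, password)


def check_login_after(username: str, password: str) -> bool:
    """Behaviour after the fix: the internal backend refuses a blank
    password outright, before any lookup or hash comparison. Users with
    cleared passwords can still exist; they just cannot use PLAIN."""
    if password == "":
        return False
    return check_login_before(username, password)
```

The EXTERNAL mechanism never calls either function, which is why clearing a password remains a valid way to mark a certificate-only user.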
@michaelklishin michaelklishin changed the title WIP Internal authN backend: make it impossible to successfully log in with a blank password (for 3.6.x) Internal authN backend: make it impossible to successfully log in with a blank password (for 3.6.x) Jan 8, 2018
@gerhard (Contributor) left a comment

Works as expected.

Did you mean to have the error message display on 3 separate lines or 1 line?

@michaelklishin (Collaborator, Author)

The message will be a single line in the log even if it's a multi-line Erlang string. In other words, they are actually concatenated by erlc.

@michaelklishin michaelklishin merged commit 25abc0c into v3.6.x Jan 9, 2018
@dumbbell dumbbell deleted the rabbitmq-server-story-153435857 branch January 10, 2018 11:27