diff options
-rw-r--r-- | http/http_connection.hpp | 8 | ||||
-rw-r--r-- | meson.build | 2 | ||||
-rw-r--r-- | meson_options.txt | 4 | ||||
-rw-r--r-- | redfish-core/lib/account_service.hpp | 12 |
4 files changed, 13 insertions, 13 deletions
diff --git a/http/http_connection.hpp b/http/http_connection.hpp index 330c565831..2ea3f18b27 100644 --- a/http/http_connection.hpp +++ b/http/http_connection.hpp @@ -359,7 +359,7 @@ class Connection : completeRequest(res); return; } -#ifndef BMCWEB_INSECURE_DISABLE_AUTHENTICATION +#ifndef BMCWEB_INSECURE_DISABLE_AUTHX if (!crow::authentication::isOnAllowlist(req->url, req->method()) && thisReq.session == nullptr) { @@ -370,7 +370,7 @@ class Connection : completeRequest(res); return; } -#endif // BMCWEB_INSECURE_DISABLE_AUTHENTICATION +#endif // BMCWEB_INSECURE_DISABLE_AUTHX auto asyncResp = std::make_shared<bmcweb::AsyncResp>(); BMCWEB_LOG_DEBUG << "Setting completion handler"; asyncResp->res.setCompleteRequestHandler( @@ -579,7 +579,7 @@ class Connection : BMCWEB_LOG_DEBUG << "Unable to get client IP"; } sessionIsFromTransport = false; -#ifndef BMCWEB_INSECURE_DISABLE_AUTHENTICATION +#ifndef BMCWEB_INSECURE_DISABLE_AUTHX boost::beast::http::verb method = parser->get().method(); userSession = crow::authentication::authenticate( ip, res, method, parser->get().base(), userSession); @@ -600,7 +600,7 @@ class Connection : BMCWEB_LOG_DEBUG << "Starting quick deadline"; } -#endif // BMCWEB_INSECURE_DISABLE_AUTHENTICATION +#endif // BMCWEB_INSECURE_DISABLE_AUTHX doRead(); }); diff --git a/meson.build b/meson.build index 33daf540fe..8724c62013 100644 --- a/meson.build +++ b/meson.build @@ -65,7 +65,7 @@ feature_map = { 'google-api' : '-DBMCWEB_ENABLE_GOOGLE_API', 'host-serial-socket' : '-DBMCWEB_ENABLE_HOST_SERIAL_WEBSOCKET', 'ibm-management-console' : '-DBMCWEB_ENABLE_IBM_MANAGEMENT_CONSOLE', - 'insecure-disable-auth' : '-DBMCWEB_INSECURE_DISABLE_AUTHENTICATION', + 'insecure-disable-auth' : '-DBMCWEB_INSECURE_DISABLE_AUTHX', 'insecure-disable-csrf' : '-DBMCWEB_INSECURE_DISABLE_CSRF_PREVENTION', 'insecure-disable-ssl' : '-DBMCWEB_INSECURE_DISABLE_SSL', 'insecure-push-style-notification' : '-DBMCWEB_INSECURE_ENABLE_HTTP_PUSH_STYLE_EVENTING', diff --git a/meson_options.txt b/meson_options.txt index c81f185fd8..e731ab344a 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -264,8 +264,8 @@ option( 'insecure-disable-auth', type: 'feature', value: 'disabled', - description: '''Disable authentication on all ports. Should be set to false - for production systems''' + description: '''Disable authentication and authoriztion on all ports. + Should be set to false for production systems.''' ) option( diff --git a/redfish-core/lib/account_service.hpp b/redfish-core/lib/account_service.hpp index e675e82256..99f126ed14 100644 --- a/redfish-core/lib/account_service.hpp +++ b/redfish-core/lib/account_service.hpp @@ -1719,14 +1719,14 @@ inline void requestAccountServiceRoutes(App& app) { return; } -#ifdef BMCWEB_INSECURE_DISABLE_AUTHENTICATION +#ifdef BMCWEB_INSECURE_DISABLE_AUTHX // If authentication is disabled, there are no user accounts messages::resourceNotFound(asyncResp->res, "#ManagerAccount.v1_4_0.ManagerAccount", accountName); return; -#endif // BMCWEB_INSECURE_DISABLE_AUTHENTICATION +#endif // BMCWEB_INSECURE_DISABLE_AUTHX if (req.session == nullptr) { messages::internalError(asyncResp->res); @@ -1895,14 +1895,14 @@ inline void requestAccountServiceRoutes(App& app) { return; } -#ifdef BMCWEB_INSECURE_DISABLE_AUTHENTICATION +#ifdef BMCWEB_INSECURE_DISABLE_AUTHX // If authentication is disabled, there are no user accounts messages::resourceNotFound( asyncResp->res, "#ManagerAccount.v1_4_0.ManagerAccount", username); return; -#endif // BMCWEB_INSECURE_DISABLE_AUTHENTICATION +#endif // BMCWEB_INSECURE_DISABLE_AUTHX std::optional<std::string> newUserName; std::optional<std::string> password; std::optional<bool> enabled; @@ -1992,14 +1992,14 @@ inline void requestAccountServiceRoutes(App& app) return; } -#ifdef BMCWEB_INSECURE_DISABLE_AUTHENTICATION +#ifdef BMCWEB_INSECURE_DISABLE_AUTHX // If authentication is disabled, there are no user accounts messages::resourceNotFound( asyncResp->res, "#ManagerAccount.v1_4_0.ManagerAccount", username); return; -#endif // BMCWEB_INSECURE_DISABLE_AUTHENTICATION +#endif // BMCWEB_INSECURE_DISABLE_AUTHX sdbusplus::message::object_path tempObjPath(rootUserDbusPath); tempObjPath /= username; const std::string userPath(tempObjPath); |