Gerrit 3.1.x, 404 Not Found error when user forgot to log in


Andrey Belous

Apr 6, 2020, 12:26:16 PM
to Repo and Gerrit Discussion
Hi all,
We have an old Gerrit server (2.14.x), and when a user tries to access a review link before logging in to the Gerrit server,
it prints the following message and buttons for login:
“Code Review - Session Expired
Session Expired
You are no longer signed in to Gerrit Code Review.
To continue, please sign-in again.“

On a server with Gerrit 3.1.x it prints "404 Not Found”.

So for Gerrit 3.1.x,
is it possible to check if the user has not logged in and ask them to sign in,
or
allow providing a custom error message when the user has not signed in yet?

Thank you!
Andrey

Sven Selberg

Apr 7, 2020, 3:04:54 AM
to Repo and Gerrit Discussion
You might want to look at the login-redirect plugin, which redirects the user to the login dialog if they access Gerrit without being logged in.
After login the user is redirected to the URL that they tried to access initially.

/Sven

Matthias Sohn

Apr 7, 2020, 3:09:00 AM
to Sven Selberg, Repo and Gerrit Discussion
Why is this code in a plugin ?
To me this seems like core functionality which should be moved to core Gerrit.

-Matthias

Sven Selberg

Apr 7, 2020, 3:35:11 AM
to Repo and Gerrit Discussion
Couldn't agree more.
We (Gustaf) implemented it in a plugin since we needed it (I don't recall if there were any attempts to get it into core).
After using it for a couple of months we suggested to contribute the plugin upstream, and it was accepted. That's why it is a plugin.

But I think it's the right way to go to first implement things of this nature in a plugin if you are not certain whether it fits in core, so the question should be more "Why is this code *still* in a plugin". :-)

/Sven

Matthias Sohn

Apr 7, 2020, 4:21:28 AM
to Sven Selberg, Repo and Gerrit Discussion
On Tue, Apr 7, 2020 at 9:35 AM Sven Selberg <sven.s...@axis.com> wrote:
> But I think it's the right way to go to first implement things of this nature in a plugin if you are not certain whether it fits in core, so the question should be more "Why is this code *still* in a plugin". :-)

I agree

Luca Milanesio

Apr 7, 2020, 5:56:22 AM
to Matthias Sohn, Luca Milanesio, Sven Selberg, Repo and Gerrit Discussion

If I recall correctly (I may be wrong) the issue was reported as a regression from GWT, because it is with PolyGerrit that the 404 behaviour was introduced.

However, it was mentioned that asking the user to log in is a potential security issue for Gerrit sites exposed outside the internal network.
If you tell “hey, you should log in to see this URL” then you imply that the URL is valid and there is something behind it.

E.g. imagine that company X is developing a super-secret project Y; then someone looking for changes on company X's Gerrit site could just guess the name of project Y, and getting a “please sign in to see this” is a way of revealing the super-secret name Y. From a security standpoint, if you should not see something or know its name, returning an “access denied” leaks the fact that the secure/private resource actually exists.

Anyway, the above was the justification of the new behaviour.

Of course, not all companies are so secret and require this level of security. We all know that a super-secure system is often not very usable.

There were two options then:
1. Implement a feature switch in Gerrit to enable/disable this behaviour
2. Implement a plugin

At the moment, this is a plugin.

Hope this clarifies how we ended up where we are now :-)

Luca.

Sven Selberg

Apr 7, 2020, 6:38:58 AM
to Repo and Gerrit Discussion


On Tuesday, April 7, 2020 at 11:56:22 AM UTC+2, lucamilanesio wrote:
> However, it was mentioned that asking the user to log in is a potential security issue for Gerrit sites exposed outside the internal network.
> If you tell “hey, you should log in to see this URL” then you imply that the URL is valid and there is something behind it.
I don't see that the "information leakage" justification holds up, at least with the behavior of the plugin, since it will prompt you to sign in whatever the URL is.
You have to log in before even attempting to navigate to anything under canonical-web-url, even if it doesn't exist. So, for instance:

     https://my-gerrit.company.com/pure/rubbish-ppppppppppppppppppf

would also redirect you to the login.

 


Sven Selberg

Apr 7, 2020, 6:41:14 AM
to Repo and Gerrit Discussion


On Tuesday, April 7, 2020 at 12:38:58 PM UTC+2, Sven Selberg wrote:
> You have to log in before even attempting to navigate to anything under canonical-web-url, even if it doesn't exist. So, for instance:
>
>      https://my-gerrit.company.com/pure/rubbish-ppppppppppppppppppf
>
> would also redirect you to the login.

After you've logged in you would get a 404 for this url (unless you have some really exotic plugins installed).

Luca Milanesio

Apr 7, 2020, 6:41:38 AM
to Sven Selberg, Luca Milanesio, Repo and Gerrit Discussion

On 7 Apr 2020, at 11:38, Sven Selberg <sven.s...@axis.com> wrote:
> I don't see that the "information leakage" justification holds up, at least with the behavior of the plugin, since it will prompt you to sign in whatever the URL is.

Yes, and it isn’t suitable for external use over the Internet, because otherwise you won’t allow public projects either.

Luca.



Eric Peterson

Apr 7, 2020, 7:25:18 AM
to Luca Milanesio, Sven Selberg, Repo and Gerrit Discussion

Just thought I’d share that this behavior causes a lot of confusion and frustration for our Gerrit users. It is a universally unpopular change.

 

We’re +1 for upstreaming this to core Gerrit. If someone needs the “super secret” behavior, it could be a configurable setting.

 

--Eric


Luca Milanesio

Apr 7, 2020, 7:29:35 AM
to Eric Peterson, Luca Milanesio, Sven Selberg, Repo and Gerrit Discussion

On 7 Apr 2020, at 12:25, Eric Peterson <epet...@interactivebrokers.com> wrote:
> Just thought I’d share that this behavior causes a lot of confusion and frustration for our Gerrit users. It is a universally unpopular change.

Yeah, it has been reported a number of times on the mailing list.

P.S. I explained *why* we ended up there and the rationale behind it :-) That doesn’t make me a supporter of that feature, but I do understand the concerns of people with a public-facing Gerrit and the need for super-secure projects on it.

Luca.

Sven Selberg

Apr 7, 2020, 8:56:20 AM
to Repo and Gerrit Discussion


On Tuesday, April 7, 2020 at 1:29:35 PM UTC+2, lucamilanesio wrote:
> On 7 Apr 2020, at 12:25, Eric Peterson <epet...@interactivebrokers.com> wrote:
>> We’re +1 for upstreaming this to core Gerrit. If someone needs the “super secret” behavior, it could be a configurable setting.

You can always install the plugin; that will fix your issues.
 

Jan Kundrát

Apr 7, 2020, 12:43:35 PM
to repo-d...@googlegroups.com
On úterý 7. dubna 2020 9:08:42 CEST, Matthias Sohn wrote:
> Why is this code in a plugin ?
> To me this seems like core functionality which should be moved to core
> Gerrit.

Our company Gerrit contains a mix of public (as in, free software, open source, external contributors welcome) and private (company-internal closed source) projects. While I would very much love my colleagues who forgot to log in when they click a link I send them to have a nice experience with a login pop-up, it is even more important (for me, anyway) to preserve anonymous browsing of changes to our public projects.

Can we get the best of both worlds by the login popping up at 404 resources when working anonymously?

Speaking of secrets, gitiles has been leaking descriptions of these secret projects for years already. Here's one secret project of ours:

https://gerrit.cesnet.cz/plugins/gitiles/CzechLight/cla-sysrepo/

I would have sworn I talked to people about this, but I cannot find a link :(.

With kind regards,
Jan
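The four behaviours the thread contrasts (core 3.x returning 404 to anonymous users, a "please sign in" that is only shown when the resource exists, the login-redirect plugin sending every anonymous request to the login page, and Jan's proposal of turning only an anonymous 404 into a login prompt), modelled side by side. This is an added illustration written for this page; it is not Gerrit code, not the login-redirect plugin, and it does not reproduce Gerrit's real routing or ACL evaluation. Assumed: change URLs of the form /c/<project>/+/<number>, a constructed two-project inventory, and that each policy reduces to a single HTTP status. The two checks at the bottom ask exactly the two questions argued over above: can an anonymous observer tell a private project from a nonexistent one, and can anonymous users still browse public projects?

```python
"""Toy model of how a code-review server answers anonymous requests.

Added illustration, not Gerrit or plugin code. Assumes change URLs of the
form /c/<project>/+/<number> and a constructed project inventory.
"""

# Constructed inventory (not real projects); real Gerrit derives this from ACLs.
PROJECTS = {
    "tools/public-lib": "public",
    "secret/project-y": "private",
}

LOGIN_REDIRECT = 302  # "please sign in": redirect to the login page


def project_of(path):
    """Extract the project name from /c/<project>/+/<n>; None if the path is not a change URL."""
    if not path.startswith("/c/") or "/+/" not in path:
        return None
    return path[len("/c/"):].split("/+/", 1)[0]


def can_read(project, logged_in):
    """Constructed ACL: everyone reads public projects, only logged-in users read private ones."""
    visibility = PROJECTS.get(project)
    if visibility is None:
        return False  # project does not exist
    return visibility == "public" or logged_in


def policy_core(path, logged_in):
    """Gerrit 3.x behaviour as described in the thread: an anonymous user gets 404
    both for a private resource and for a nonexistent one, so the two cases look alike."""
    return 200 if can_read(project_of(path), logged_in) else 404


def policy_prompt_if_exists(path, logged_in):
    """The variant Luca warns about: ask anonymous users to sign in only when the
    resource exists. The existence of a private project becomes observable."""
    project = project_of(path)
    if project not in PROJECTS:
        return 404
    if can_read(project, logged_in):
        return 200
    return LOGIN_REDIRECT


def policy_login_redirect_plugin(path, logged_in):
    """Behaviour Sven describes for the login-redirect plugin: every anonymous
    request goes to the login page, whatever the URL is."""
    if not logged_in:
        return LOGIN_REDIRECT
    return policy_core(path, True)


def policy_hybrid(path, logged_in):
    """Jan's 'best of both worlds': anonymous browsing of public projects stays
    possible, and only an anonymous 404 is turned into a login prompt."""
    status = policy_core(path, logged_in)
    if status == 404 and not logged_in:
        return LOGIN_REDIRECT
    return status


PRIVATE_CHANGE = "/c/secret/project-y/+/1"
MISSING_CHANGE = "/c/secret/does-not-exist/+/1"
PUBLIC_CHANGE = "/c/tools/public-lib/+/1"


def leaks_existence(policy):
    """True if an anonymous observer can distinguish a private project from a nonexistent one."""
    return policy(PRIVATE_CHANGE, False) != policy(MISSING_CHANGE, False)


def allows_anonymous_public(policy):
    """True if anonymous users can still read a change in a public project."""
    return policy(PUBLIC_CHANGE, False) == 200


def summarize():
    """Return {policy name: (leaks existence?, anonymous public browsing?)}."""
    policies = {
        "core-404": policy_core,
        "prompt-if-exists": policy_prompt_if_exists,
        "login-redirect-plugin": policy_login_redirect_plugin,
        "hybrid": policy_hybrid,
    }
    return {name: (leaks_existence(p), allows_anonymous_public(p))
            for name, p in policies.items()}


if __name__ == "__main__":
    for name, (leaks, public_ok) in summarize().items():
        print(f"{name:24} leaks existence: {leaks!s:5} "
              f"anonymous public browsing: {public_ok}")
```

Running it prints one line per policy. Only "prompt-if-exists" leaks: it answers 302 for the private change and 404 for the missing one, which is the oracle Luca describes. "core-404" and the plugin both hide existence, but the plugin does so by refusing anonymous access to public projects as well, which is Luca's objection to using it on an Internet-facing site. The "hybrid" policy keeps the anonymous answers for a private and a nonexistent change identical (both become a login redirect) while still serving public changes anonymously, and a logged-in user who follows a bad link still gets a plain 404, as Sven notes.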

Andrey Belous

Apr 7, 2020, 2:18:18 PM
to Repo and Gerrit Discussion
I will go with the plugin installation, since this is what I need.
My two cents on this: to me it is a really bad user experience, and I don't think it is any security issue.
When a user gets an email with a link, clicks on it and gets "Not found", it is misleading.

-Andrey

Luca Milanesio

Apr 7, 2020, 5:56:45 PM
to Andrey Belous, Luca Milanesio, Repo and Gerrit Discussion
Yes, 100% agreed, the user-experience is very bad :-(
Happens to me also many times: I receive the e-mail, click on the link => 404.

Luca.
