authorAhmad Hassan <ahmad.hassan@hp.com>2011-08-01 17:16:49 +0100
committerStanislaw Pitucha <stanislaw.pitucha@hp.com>2011-10-05 15:02:50 +0100
commitbeee11edbfdd82cd81bc9c0fd75912c167892c2b (patch)
treeb26d64ebbe18215ea7d3d226f00223c126d0a89d
parent981f52794ed41b6f25dfc4a25b4b736e8f030a0f (diff)
Stop returning correct password on api calls
Catch the invalid-signature exception in the authentication step so that it is no longer returned to the user, where it revealed the real password. Fixes bug 868360. Change-Id: Idb31f076a7b14309f0fda698261de816924da354
-rw-r--r--Authors1
-rw-r--r--nova/api/ec2/__init__.py3
-rw-r--r--nova/auth/manager.py10
3 files changed, 5 insertions, 9 deletions
diff --git a/Authors b/Authors
index d0b1d0a08..d63daec3a 100644
--- a/Authors
+++ b/Authors
@@ -1,6 +1,7 @@
Aaron Lee <aaron.lee@rackspace.com>
Adam Gandelman <adamg@canonical.com>
Adam Johnson <adjohn@gmail.com>
+Ahmad Hassan <ahmad.hassan@hp.com>
Alex Meade <alex.meade@rackspace.com>
Alexander Sakhnov <asakhnov@mirantis.com>
Andrey Brindeyev <abrindeyev@griddynamics.com>
diff --git a/nova/api/ec2/__init__.py b/nova/api/ec2/__init__.py
index 8dcb44bba..4b4c0f536 100644
--- a/nova/api/ec2/__init__.py
+++ b/nova/api/ec2/__init__.py
@@ -188,7 +188,8 @@ class Authenticate(wsgi.Middleware):
req.host,
req.path)
# Be explicit for what exceptions are 403, the rest bubble as 500
- except (exception.NotFound, exception.NotAuthorized) as ex:
+ except (exception.NotFound, exception.NotAuthorized,
+ exception.InvalidSignature) as ex:
LOG.audit(_("Authentication Failure: %s"), unicode(ex))
raise webob.exc.HTTPForbidden()
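Review bot: The handler that now also catches `exception.InvalidSignature` still passes `unicode(ex)` to `LOG.audit`, so whatever the exception message interpolates is written to the audit log even though the client only sees a bare 403. The message format of `InvalidSignature` is not visible in this hunk; if it formats the user object or a signature value, the log stays secret-free only as long as every `__repr__` involved does. Consider logging a fixed description instead of the full exception text, for example `LOG.audit(_("Authentication Failure: %s"), ex.__class__.__name__)`. The commit's three changed files include no regression test asserting that a bad signature yields a 403 whose body carries no credential material. The `try` block this handler belongs to starts above the hunk.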
diff --git a/nova/auth/manager.py b/nova/auth/manager.py
index 44e6e11ac..e0504464e 100644
--- a/nova/auth/manager.py
+++ b/nova/auth/manager.py
@@ -149,11 +149,7 @@ class User(AuthBase):
return AuthManager().is_project_manager(self, project)
def __repr__(self):
- return "User('%s', '%s', '%s', '%s', %s)" % (self.id,
- self.name,
- self.access,
- self.secret,
- self.admin)
+ return "User('%s', '%s')" % (self.id, self.name)
class Project(AuthBase):
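Review bot: The trimmed `User.__repr__` carries no comment saying that `access` and `secret` are left out on purpose, so a later change could re-add them for debugging and reopen the leak through any log line or exception message that formats a User. Add a comment above the return such as `# Never include access/secret here: repr() output reaches logs and error messages.` The same applies to `Project.__repr__` in the next hunk, where the commit message does not explain why `project_manager_id`, `description` and `member_ids` were dropped; a one-line comment there would record whether that is also deliberate. Both class bodies extend beyond their hunks.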
@@ -200,9 +196,7 @@ class Project(AuthBase):
return AuthManager().get_credentials(user, self)
def __repr__(self):
- return "Project('%s', '%s', '%s', '%s', %s)" % \
- (self.id, self.name, self.project_manager_id, self.description,
- self.member_ids)
+ return "Project('%s', '%s')" % (self.id, self.name)
class AuthManager(object):