Log JWT authentication failures (!95565) · Merge requests · GitLab.org / GitLab

Stan Hu requested to merge sh-log-jwt-auth-failures into master Aug 17, 2022

What does this MR do and why?

Some users have experienced intermittent authentication failures when using the dependency proxy. A 401 might be returned if the HTTP Basic Authentication fails for some reason. Previously we quietly just returned a 401, but this commit adds a log message when this happens.

Relates to #332827

How to set up and validate locally

curl -u test:fail https://your.gdk.host:3001/jwt/auth

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Aug 17, 2022 by Stan Hu

Log JWT authentication failures

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports