From 6506e4f66e888860d3ab205d016ec4b48783f0ff Mon Sep 17 00:00:00 2001 From: Tobias Trabelsi <64127335+tobias-trabelsi-sonarsource@users.noreply.github.com> Date: Wed, 17 Nov 2021 08:14:04 +0100 Subject: [PATCH] SONAR-15654 added liveness endpoint to allowlist with passcode --- .../server/authentication/UserSessionInitializer.java | 7 +++++-- .../server/authentication/UserSessionInitializerTest.java | 1 + 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/UserSessionInitializer.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/UserSessionInitializer.java index 205b669eb99..5582633876a 100644 --- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/UserSessionInitializer.java +++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/UserSessionInitializer.java @@ -60,8 +60,11 @@ public class UserSessionInitializer { "/api/authentication/login", "/api/authentication/logout", "/api/authentication/validate", "/api/project_badges/measure", "/api/project_badges/quality_gate"); - private static final Set URL_USING_PASSCODE = ImmutableSet.of( - "/api/ce/info", "/api/ce/pause", "/api/ce/resume", "/api/system/health", "/api/system/analytics", "/api/system/migrate_es"); + private static final Set URL_USING_PASSCODE = Set.of( + "/api/ce/info", "/api/ce/pause", + "/api/ce/resume", "/api/system/health", + "/api/system/analytics", "/api/system/migrate_es", + "/api/system/liveness"); private static final UrlPattern URL_PATTERN = UrlPattern.builder() .includes("/*") diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/UserSessionInitializerTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/UserSessionInitializerTest.java index df26d723052..36daa93dba6 100644 --- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/UserSessionInitializerTest.java +++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/UserSessionInitializerTest.java @@ -103,6 +103,7 @@ public class UserSessionInitializerTest { assertPathIsIgnoredWithAnonymousAccess("/api/ce/pause"); assertPathIsIgnoredWithAnonymousAccess("/api/ce/resume"); assertPathIsIgnoredWithAnonymousAccess("/api/system/health"); + assertPathIsIgnoredWithAnonymousAccess("/api/system/liveness"); // exclude static resources assertPathIsIgnored("/css/style.css"); -- 2.39.5