Skip to content

Commit

Permalink
(PE-36769) remove header warning from request->cert
Browse files Browse the repository at this point in the history 
This commit removes a warning log entry for the presense of a cert
in the request header when allow-header-cert-info is false.

This particular logging was deemed not terribly useful in general,
and the fix for agent auto-renew when CA proxy is present will
generate lots of log noise if it is present.
  • Loading branch information
@steveax
steveax committed Aug 31, 2023
1 parent 8cc232d commit e684082
Showing 1 changed file with 1 addition and 3 deletions.
4 changes: 1 addition & 3 deletions src/puppetlabs/trapperkeeper/authorization/ring_middleware.clj
View file
Original file line number Diff line number Diff line change
Expand Up @@ -183,9 +183,7 @@
(let [header-cert-val (get-in request [:headers header-cert-name])]
(if allow-header-cert-info
(header->cert header-cert-val)
(do
(warn-if-header-value-non-nil header-cert-name header-cert-val)
(:ssl-client-cert request)))))
(:ssl-client-cert request))))

(schema/defn request->extensions :- acl/Extensions
"Given a request, return a map of shortname -> value for all of the extensions
Expand Down

0 comments on commit e684082

Please sign in to comment.