seaweedfs/.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Chris Lu <chrislusf@users.noreply.github.com>	2025-12-12 13:37:31 -0800
committer	GitHub <noreply@github.com>	2025-12-12 13:37:31 -0800
commit	b0e0c5aaabd393ca633c9c1e5d24d15d47e05bec (patch)
tree	53dca39f1cc83397320e4b56aae8f400d9774c77 /weed/admin/handlers/admin_handlers.go
parent	e8b734703128d206305de980988fb5a34f721eef (diff)
download	seaweedfs-b0e0c5aaabd393ca633c9c1e5d24d15d47e05bec.tar.xz seaweedfs-b0e0c5aaabd393ca633c9c1e5d24d15d47e05bec.zip

s3: enable auth when IAM integration is configured (#7726)

When only IAM integration is configured (via -s3.iam.config) without traditional S3 identities, the isAuthEnabled flag was not being set, causing the Auth middleware to bypass all authentication checks. This fix ensures that when SetIAMIntegration is called with a non-nil integration, isAuthEnabled is set to true, properly enforcing authentication for all requests. Added negative authentication tests: - TestS3AuthenticationDenied: tests rejection of unauthenticated, invalid, and expired JWT requests - TestS3IAMOnlyModeRejectsAnonymous: tests that IAM-only mode properly rejects anonymous requests Fixes #7724

Diffstat (limited to 'weed/admin/handlers/admin_handlers.go')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: