diff --git a/src/common/security/secret/context.go b/src/common/security/secret/context.go index 3b24afa50..39aa1e4d6 100644 --- a/src/common/security/secret/context.go +++ b/src/common/security/secret/context.go @@ -16,6 +16,7 @@ package secret import ( "github.com/vmware/harbor/src/common/secret" + "github.com/vmware/harbor/src/common/utils/log" ) // SecurityContext implements security.Context interface based on secret store @@ -35,9 +36,15 @@ func NewSecurityContext(secret string, store *secret.Store) *SecurityContext { // IsAuthenticated returns true if the secret is valid func (s *SecurityContext) IsAuthenticated() bool { if s.store == nil { + log.Debug("secret store is nil") return false } - return s.store.IsValid(s.secret) + valid := s.store.IsValid(s.secret) + if !valid { + log.Debugf("invalid secret: %s", s.secret) + } + + return valid } // GetUsername returns the corresponding username of the secret diff --git a/src/ui/filter/security.go b/src/ui/filter/security.go index 10e0f720d..8a24eb607 100644 --- a/src/ui/filter/security.go +++ b/src/ui/filter/security.go @@ -50,7 +50,7 @@ func Init() { // integration with admiral if config.WithAdmiral() { reqCtxModifiers = []ReqCtxModifier{ - &secretReqCtxModifier{}, + &secretReqCtxModifier{config.SecretStore}, &tokenReqCtxModifier{}, &unauthorizedReqCtxModifier{}} return @@ -58,7 +58,7 @@ func Init() { // standalone reqCtxModifiers = []ReqCtxModifier{ - &secretReqCtxModifier{}, + &secretReqCtxModifier{config.SecretStore}, &basicAuthReqCtxModifier{}, &sessionReqCtxModifier{}, &unauthorizedReqCtxModifier{}}