only Intercepting/hijack is giving 403 forbidden #5806
-
Hello, We are getting 403 forbidden only for the Intercepting/hijacking operations for concourse containers. Also, I have a garden configuration like below,
Can somebody help, what might have been the problem ? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 2 replies
-
It's the Line 192 in 559620b and the resulting wrapped handler will give a 403 if concourse/atc/api/team_scoped_handler_factory.go Lines 35 to 52 in 559620b Inspecting the implementation of that function, we see that it will be true if you are an admin or if you have the required role for the concourse/atc/api/accessor/accessor.go Lines 44 to 59 in 559620b The natural question then, is -- what role does your user have on that team? By default, you must be a but you also might have overridden this using There is another code path that results in a 403, but hopefully this helps. |
Beta Was this translation helpful? Give feedback.
It's the
ListContainers
action that is giving you this 403. Analyzing the v6.0.0 source code, we can see that theListContainers
is wrapped by a team-scoped handler factory:concourse/atc/api/handler.go
Line 192 in 559620b
and the resulting wrapped handler will give a 403 if
accessor.IsAuthorized
returns false for the given team:concourse/atc/api/team_scoped_handler_factory.go
Lines 35 to 52 in 559620b