weizhouapache commented on pull request #5337: URL: https://github.com/apache/cloudstack/pull/5337#issuecomment-902468743
> We could do that @weizhouapache - However, my understanding is, if a null / empty uname / password is provided as part of any API args - the corresponding APIs logic would ideally validate the correctness of the input or the authorization would fails if it's empty - which is the assumption that we had even before this check was added by - #5136. #5136 is good I think, it fixes some potential missing validations, and causes few regressions (for example the issue you mentioned in PR description). in my opinion, it's better to fix the regression (eg, optional username/password in specific api), instead of rolling back to old behavior (skip validation on username/password in all apis). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
