Ticket #1092 (closed defect: fixed)

Opened 2 years ago

Last modified 2 years ago

HttpAuthPlugin broken on trac-0.10.3

Reported by: Shawn Assigned to: coderanger
Priority: normal Component: HttpAuthPlugin
Severity: blocker Keywords:
Cc: Trac Release: 0.10

Description

This plug-in works fine with 0.10 but broken under 0.10.3

By checking the code it seems that the method 

# IAuthenticator methods
    def authenticate(self, req):

will be invoked prior to the method 

 # IRequestFilter methods
    def pre_process_request(self, req, handler):

So from the log, we can see use was authenticated successfully, but the authenticate method returns None.

My quick workaround is copy the autenticate code from pre_process_request to authenticate method and it works.

Attachments

Change History

01/12/07 19:30:14 changed by chrisje@home.nl

Though I know some basics of python (position sensitive etc.), I'm not very familiar with it. I managed to fix bug 1093 myself, but this one I couldn't get to work.

What exactly did you change to get it to work?

01/12/07 19:53:58 changed by chrisje@home.nl

Ah, I got it working now. I did the copying of the code correct, but I also needed to add /xmlrpc to the authentication configuration for apache. Now I have a login form on the webpage _and_ xmlrpc access for eclipse, yay! ;-)

01/15/07 00:52:48 changed by Shawn

Here is my hack, hope it helps before the 'official' patch is out 

    # IAuthenticator methods
    def authenticate(self, req):
        if req.remote_user:
            return req.remote_user
        for path in self.paths:
            if req.path_info.startswith(path):
                header = req.get_header('Authorization')
                if header is None:
                    self.log.info('HTTPAuthFilter: No authentication data given, returing 403')
                    return None # Run HTTP auth
                else:
                    token = header.split()[1]
                    user, passwd = base64.b64decode(token).split(':', 1)
                    if AccountManager(self.env).check_password(user, passwd):
                        self.log.debug('HTTPAuthFilter: Authentication okay')
                        # req.environ['REMOTE_USER'] = user
                        # self.log.debug(req.remote_user)
                        return user
                    else:
                        self.log.info('HTTPAuthFilter: Bad authentication data given, returing 403')
                        return None # Failed auth
        return None

01/22/07 22:10:39 changed by coderanger

  • status changed from new to closed.
  • resolution set to fixed.

(In [1890]) What was I smoking when I wrote this? Should actually work now. (closes #1092)

Add/Change #1092 (HttpAuthPlugin broken on trac-0.10.3)




Change Properties
Action