Opened 16 years ago
Last modified 11 years ago
#2498 assigned defect
Unable to login - even from browser
| Reported by: | anonymous | Owned by: | txcraig |
|---|---|---|---|
| Priority: | normal | Component: | HttpAuthPlugin |
| Severity: | normal | Keywords: | |
| Cc: | Thijs Triemstra | Trac Release: | 0.10 |
Description
I enable the plugin, but then when I test it by go to the /xmlrpc, trying to enter any username/password created by AccountManager plugin doesn't work.
Attachments (0)
Change History (13)
comment:1 Changed 16 years ago by
comment:2 Changed 16 years ago by
I have the same issue..here are the relevant Trac.ini settings..
[account-manager] password_file = [path]/trac_sites/scoreabm.passwd password_format = htpasswd [components] acct_mgr.* = enabled httpauth.filter.httpauthfilter = enabled tracrpc.* = enabled webadmin.* = enabled httpauth.* = enabled trac.web.auth.LoginModule = disabled acct_mgr.web_ui.LoginModule = enabled acct_mgr.htfile.HtPasswdStore = enabled [httpauth] paths = /xmlrpc, /login/xmlrpc
comment:3 Changed 16 years ago by
I had the same problem and found a solution:
Some part (FastCGI, AccountManager or HttpAuthPlugin) expects the authenthcation information in the HTTP_AUTHORIZATION Header.
But the information is stored in the Authorization Header.
Solution in the Apache2-Config:
Tell FastCGI to pass the Header:
FastCgiConfig -pass-header HTTP_AUTHORIZATION
Add the additional header:
RewriteEngine on
RewriteCond %{HTTP:Authorization} (.*)
RewriteRule .* - [E=AUTHINFO:%1]
RequestHeader add HTTP_AUTHORIZATION %{AUTHINFO}e env=AUTHINFO
comment:4 Changed 16 years ago by
Thanks for the diagnosis/solution. Unfortunately, I don't have access to my Apache config. Any ideas for working around this issue w/o editing config?
comment:5 Changed 16 years ago by
You could just write the config to an .htaccess file.
Unfortunately, this does not work for the FastCgiConfig, but maybe it is your lucky day and it works.
comment:6 Changed 15 years ago by
had the same problem while trying to force httpauth to all uris with "format=rss" on trac0.11.2.1 and accountmanager while using fgcid in apache2 and form based auth behind forced ssl.
bottomline: what Till describes above works fine, also with fcgid, just add
PassHeader HTTP_AUTHORIZATION
to the fcgid config
i also use the patch suggested in #3100
i think this should be better documented and closed
comment:7 follow-up: 8 Changed 15 years ago by
I had the same issue with WSGI:
Solution -
Add WSGIPassAuthorization On
to your apache config for your site.
comment:8 follow-up: 9 Changed 15 years ago by
| Cc: | Thijs Triemstra added; anonymous removed |
|---|
Replying to tch:
I had the same issue with WSGI:
Solution -
Add WSGIPassAuthorization On
to your apache config for your site.
Seems like this, and other suggestions in this ticket, should be documented on the plugin's frontpage, and then it can be closed?
comment:9 Changed 15 years ago by
Any ideas on how to get around this when using mod_python (No WSGI, FastCGI) etc. I am currently unable to use the Register and Change Password features of the AccountManager due to this.
Also, am I correct in thinking this is linked to 1390? I get the same error message when attempting to log in after having created a new user.
Relevant trac.ini section
[account-manager] hash_method = HtPasswdHashMethod password_file = /path/to/htpasswd password_store = HtPasswdStore [components] acct_mgr.admin.accountmanageradminpage = enabled acct_mgr.api.accountmanager = enabled acct_mgr.htfile.abstractpasswordfilestore = disabled acct_mgr.htfile.htpasswdstore = enabled acct_mgr.http.httpauthstore = disabled acct_mgr.notification.accountchangelistener = enabled acct_mgr.notification.accountchangenotificationadminpanel = enabled acct_mgr.pwhash.htpasswdhashmethod = enabled acct_mgr.web_ui.accountmodule = enabled acct_mgr.web_ui.emailverificationmodule = disabled acct_mgr.web_ui.loginmodule = disabled acct_mgr.web_ui.registrationmodule = enabled httpauth.* = enabled trac.web.auth.loginmodule = enabled
comment:10 Changed 15 years ago by
what is the solution without an apache2?
i try to connect with eclipse/mylin to http://.../trac/login/xmlrpc and i got this msg: Unable to authenticate with repository. Login credentials invalid.
and if i try it with a browser, the login prompt toggled and i have to cancel.
comment:11 follow-up: 12 Changed 14 years ago by
Having the same problem described here, I couldn't use the solution described. For whatever reason, I always finished with a error 500 on my server.
For the record, I'm using Dreamhost for server and I use a custom python to run the Trac.
For this to work, I added these line in my .htaccess file :
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
Didn't put them in any <if> or whatever, so I hope it can help some if you ever get on this page. With this config, EclipseWiki integration works. Finally
comment:12 Changed 12 years ago by
Replying to daddy.cool.78@gmail.com:
Having the same problem described here, I couldn't use the solution described. For whatever reason, I always finished with a error 500 on my server.
For the record, I'm using Dreamhost for server and I use a custom python to run the Trac.
For this to work, I added these line in my .htaccess file :
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1Didn't put them in any <if> or whatever, so I hope it can help some if you ever get on this page. With this config, EclipseWiki integration works. Finally
Brilliant, thanks for that. Worked perfectly for me on Dreamhost (trying to get it working so it connects to my Zend Studio).
comment:13 Changed 11 years ago by
| Owner: | changed from Noah Kantrowitz to txcraig |
|---|---|
| Status: | new → assigned |
I am adopting this plugin. Looks like there are some documentation updates needed and this can be closed.
I've got the same issue over here.