Opened 4 years ago
Closed 2 years ago
#6035 closed defect (worksforme)
/login/xmlrpc authorization required
| Reported by: | ddhanlon@… | Owned by: | osimons |
|---|---|---|---|
| Priority: | high | Component: | XmlRpcPlugin |
| Severity: | normal | Keywords: | |
| Cc: | fredrik@… | Trac Release: | 0.11 |
Description
Hi,
If I'm not using the httpauth plugin for paths /xmlrpc and /login/xmlrpc and I attempt to access those paths, I get the following error returned <Fault 1: 'XML_RPC privleges are required to perform this operation'>. However when I do enable httpauth and I attempt to access /login/xmlrpc using the same credentials I use to access the trac system, I get the following error returned: 401 Authorization Required. What could I be doing wrong? If you need more information, please let me know.
Attachments (0)
Change History (8)
comment:1 Changed 4 years ago by anonymous
comment:2 Changed 4 years ago by osimons
- Component changed from XmlRpcPlugin to HttpAuthPlugin
- Owner changed from osimons to coderanger
No idea, as I don't use AccountManagerPlugin and HttpAuthPlugin. Your setup / config issues are really not an issue with the XmlRpcPlugin as that is completely unaware of whatever auth happens (if any).
Tempted to change Component to HttpAuthPlugin, but will just leave it as-is until someone provides the answer for the benefit of everyone - and perhaps also updates wiki docs if needed.
comment:3 Changed 4 years ago by osimons
- Component changed from HttpAuthPlugin to XmlRpcPlugin
- Owner changed from coderanger to osimons
Ooops. Seems I managed to switch Component anyway. Switching back for now...
comment:4 Changed 3 years ago by lfelipe
- Owner changed from osimons to lfelipe
- Status changed from new to assigned
comment:5 Changed 3 years ago by lfelipe
- Owner changed from lfelipe to osimons
- Status changed from assigned to new
hmmm, accidentally assigned it to myself, reverting.
comment:6 follow-up: ↓ 7 Changed 2 years ago by frekwent
- Cc fredrik@… added
I'm getting the same error (401 Authorization Required) using the sample code that lists available xmlrpc methods. If I put the exact same URL in a browser, I get the same behaviour. Changing path to /trac/wiki instead of /trac/login/xmlrpc things works as expected.
If I instead access /trac/login/rpc I get this error: "XML_RPC privileges are required to perform this operation"
After enabling logging (DEBUG) I see that I've got TracXMLRPC, httpauth.filter and acct_mgr.admin (and more) installed. The trac.ini file contains this:
root@server:/srv/trac/ad10gbg/log# egrep -C 2 "(http|xml)" ../conf/trac.ini [components] httpauth.* = enabled tracrpc.* = enabled [httpauth] paths = /xmlrpc, /login/xmlrpc
When I use Firefox with a logging proxy (sprout) the Authentication headers contains the string "Basic". (I reccon this means that Digest is not in play?)
comment:7 in reply to: ↑ 6 Changed 2 years ago by frekwent
Replying to frekwent:
I'm getting the same error ![...]
My solution to this problem was/is to:
- disable httpauth component (and configuration) - basically all the configuration lines with httpauth or xmlrpc in them were removed (or commented out)
- add proper permissions to all users in the group !"authenticated": trac-admin /path/to/trac/dir permission add authenticated XML_RPC
This works fine for me and I've not yet seen it break anything else.
comment:8 Changed 2 years ago by osimons
- Resolution set to worksforme
- Status changed from new to closed
Looks like this is configuration issues. Seeing RPC plugin is not involved in any aspect of authentication I don't think there is more to do at this point.
Reopen and reassign to other plugin+owner if anyone has a different opinion.
IS there any update to this problem? I am also having the same problem (getting 401 when accesses /projectname/login.xmlrpc.