Opened 4 years ago

Last modified 4 years ago

#10777 assigned defect

TypeError: Incorrect padding after enabling the plugin

Reported by: Rafael Owned by: txcraig
Priority: normal Component: HttpAuthPlugin
Severity: critical Keywords:
Cc: Jan Beilicke Trac Release: 1.0


Activating the plugin, causes the following traceback, even if I just want to access the root of the Trac installation (e.g. /trac and not /trac/login/xmlrpc).

Traceback (most recent call last):
  File "/usr/local/lib/python2.6/dist-packages/Trac-1.0-py2.6.egg/trac/web/", line 502, in send_error
    data, 'text/html')
  File "/usr/local/lib/python2.6/dist-packages/Trac-1.0-py2.6.egg/trac/web/", line 955, in render_template
    message = req.session.pop('chrome.%s.%d' % (type_, i))
  File "/usr/local/lib/python2.6/dist-packages/Trac-1.0-py2.6.egg/trac/web/", line 304, in __getattr__
    value = self.callbacks[name](self)
  File "/usr/local/lib/python2.6/dist-packages/Trac-1.0-py2.6.egg/trac/web/", line 268, in _get_session
    return Session(self.env, req)
  File "/usr/local/lib/python2.6/dist-packages/Trac-1.0-py2.6.egg/trac/web/", line 200, in __init__
    if req.authname == 'anonymous':
  File "/usr/local/lib/python2.6/dist-packages/Trac-1.0-py2.6.egg/trac/web/", line 304, in __getattr__
    value = self.callbacks[name](self)
  File "/usr/local/lib/python2.6/dist-packages/Trac-1.0-py2.6.egg/trac/web/", line 135, in authenticate
    authname = authenticator.authenticate(req)
  File "build/bdist.linux-x86_64/egg/httpauth/", line 65, in authenticate
    user = self._check_password(req)
  File "build/bdist.linux-x86_64/egg/httpauth/", line 76, in _check_password
    user, passwd = b64decode(token).split(':', 1)
  File "/usr/lib/python2.6/", line 76, in b64decode
    raise TypeError(msg)
TypeError: Incorrect padding

Shouldn’t the plugin just ignore folders that don’t match the path and return a proper HTTP error code on missing auth parameters instead of raising an exception?

Attachments (0)

Change History (6)

comment:1 Changed 4 years ago by Rafael

The error is gone when the user is already logged in or when I add a irrelevant user parameter to the URL, i.e. I can access, log in and then continue to use the site. But when I go to while logged out, I get the above error message. Shouldn’t the preprocess function ignore all paths except /trac/login/xmlrpc by default? I didn’t set anything in the trac.ini.

comment:2 Changed 4 years ago by txcraig

Owner: changed from Noah Kantrowitz to txcraig
Status: newassigned

I am adopting maintenance of this plugin

comment:3 Changed 4 years ago by Jan Beilicke

Cc: Jan Beilicke added; anonymous removed

comment:4 Changed 4 years ago by Jan Beilicke

I have the same issue. Passing the auth credentials in the URL works.

comment:5 Changed 4 years ago by Jan Beilicke

Maybe related: #3549

There, the likely explanation is the usage of htdigest instead of basic authentication.

comment:6 Changed 4 years ago by anonymous

Tip for Digest Authentication users: Do not have the <Location /trac/login/rpc>... clause in your VirtualHost definition. Instead, let HTTPAuthPlugin send the authentication request to your XMLRPC client as a Basic Authentication request. HTTPAuthPlugin is designed to work with Basic Authentication which will return the user's credentials as in the form of "username:password" back to the server. This, in turn, gets passed to the AccountManagerPlugin, which will handle the the password checking properly, because the lower-level handlers will know how to parse the digest password file and do the proper MD5 hash.

My Trac site, which uses Apache 2.4 + mod_wsgi + SSL now works correctly for regular user interactivity as well as XMLRPC automation scripts.

Modify Ticket

as assigned The owner will remain txcraig.

Add Comment

E-mail address and name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.