Opened 9 years ago

Last modified 9 years ago

#10777 assigned defect

TypeError: Incorrect padding after enabling the plugin

Reported by: Rafael Owned by: txcraig
Priority: normal Component: HttpAuthPlugin
Severity: critical Keywords:
Cc: Jan Beilicke Trac Release: 1.0


Activating the plugin, causes the following traceback, even if I just want to access the root of the Trac installation (e.g. /trac and not /trac/login/xmlrpc).

Traceback (most recent call last):
  File "/usr/local/lib/python2.6/dist-packages/Trac-1.0-py2.6.egg/trac/web/", line 502, in send_error
    data, 'text/html')
  File "/usr/local/lib/python2.6/dist-packages/Trac-1.0-py2.6.egg/trac/web/", line 955, in render_template
    message = req.session.pop('chrome.%s.%d' % (type_, i))
  File "/usr/local/lib/python2.6/dist-packages/Trac-1.0-py2.6.egg/trac/web/", line 304, in __getattr__
    value = self.callbacks[name](self)
  File "/usr/local/lib/python2.6/dist-packages/Trac-1.0-py2.6.egg/trac/web/", line 268, in _get_session
    return Session(self.env, req)
  File "/usr/local/lib/python2.6/dist-packages/Trac-1.0-py2.6.egg/trac/web/", line 200, in __init__
    if req.authname == 'anonymous':
  File "/usr/local/lib/python2.6/dist-packages/Trac-1.0-py2.6.egg/trac/web/", line 304, in __getattr__
    value = self.callbacks[name](self)
  File "/usr/local/lib/python2.6/dist-packages/Trac-1.0-py2.6.egg/trac/web/", line 135, in authenticate
    authname = authenticator.authenticate(req)
  File "build/bdist.linux-x86_64/egg/httpauth/", line 65, in authenticate
    user = self._check_password(req)
  File "build/bdist.linux-x86_64/egg/httpauth/", line 76, in _check_password
    user, passwd = b64decode(token).split(':', 1)
  File "/usr/lib/python2.6/", line 76, in b64decode
    raise TypeError(msg)
TypeError: Incorrect padding

Shouldn’t the plugin just ignore folders that don’t match the path and return a proper HTTP error code on missing auth parameters instead of raising an exception?

Attachments (0)

Change History (6)

comment:1 Changed 9 years ago by Rafael

The error is gone when the user is already logged in or when I add a irrelevant user parameter to the URL, i.e. I can access, log in and then continue to use the site. But when I go to while logged out, I get the above error message. Shouldn’t the preprocess function ignore all paths except /trac/login/xmlrpc by default? I didn’t set anything in the trac.ini.

comment:2 Changed 9 years ago by txcraig

Owner: changed from Noah Kantrowitz to txcraig
Status: newassigned

I am adopting maintenance of this plugin

comment:3 Changed 9 years ago by Jan Beilicke

Cc: Jan Beilicke added; anonymous removed

comment:4 Changed 9 years ago by Jan Beilicke

I have the same issue. Passing the auth credentials in the URL works.

comment:5 Changed 9 years ago by Jan Beilicke

Maybe related: #3549

There, the likely explanation is the usage of htdigest instead of basic authentication.

comment:6 Changed 9 years ago by anonymous

Tip for Digest Authentication users: Do not have the <Location /trac/login/rpc>... clause in your VirtualHost definition. Instead, let HTTPAuthPlugin send the authentication request to your XMLRPC client as a Basic Authentication request. HTTPAuthPlugin is designed to work with Basic Authentication which will return the user's credentials as in the form of "username:password" back to the server. This, in turn, gets passed to the AccountManagerPlugin, which will handle the the password checking properly, because the lower-level handlers will know how to parse the digest password file and do the proper MD5 hash.

My Trac site, which uses Apache 2.4 + mod_wsgi + SSL now works correctly for regular user interactivity as well as XMLRPC automation scripts.

Modify Ticket

Change Properties
Set your email in Preferences
as assigned The owner will remain txcraig.

Add Comment

E-mail address and name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.