Modify

Opened 6 years ago

Closed 6 years ago

Last modified 6 years ago

#13472 closed defect (cantfix)

with LDAP Plugin unable to authenticate using XMLRPC

Reported by: sandeep.nadkarni@… Owned by:
Priority: normal Component: TracLdapAuthPlugin
Severity: normal Keywords:
Cc: Trac Release: 1.2

Description

HI,

We are trying to get details of tickets from trac through xmlrpc / json. we are not able to use https://example.com/test/login/rpc or jsonrpc

anonymous user works just fine..

normal ldap auth is working fine.

TRAC 1.2.3 python 2.7.5 CentOS 7.4 TracLdapAuth 1.2.2

Attachments (1)

trac-issue.txt (2.2 KB) - added by sandeep.nadkarni@… 6 years ago.
requested contents of trac.ini file

Download all attachments as: .zip

Change History (16)

comment:1 Changed 6 years ago by sandeep.nadkarni@…

Error is {"error": {"message": "Authentication information not available", "code": -32603, "name": "JSONRPCError"}, "result": null, "id": null}

Version 0, edited 6 years ago by sandeep.nadkarni@… (next)

comment:3 Changed 6 years ago by anonymous

Severity: majorcritical

yes

[account_manager]
environ_auth_overwrite = false

[components] 
trac.web.auth.LoginModule = disabled 

are already exist in trac.ini.

Last edited 6 years ago by Ryan J Ollos (previous) (diff)

comment:4 Changed 6 years ago by Ryan J Ollos

Owner: Nikolaos Papagrigoriou deleted

comment:5 Changed 6 years ago by Ryan J Ollos

Priority: highnormal
Severity: criticalnormal

comment:6 Changed 6 years ago by sandeep.nadkarni@…

Any Pointer ?

comment:7 in reply to:  3 Changed 6 years ago by Jun Omae

Replying to anonymous:

yes

[account_manager]
environ_auth_overwrite = false

The section should be [account-manager], not [account_manager].

However, the environ_auth_overwrite option just sets the username via form authentication to environ['REMOTE_USER']. I think the option cannot solve the issue when XMLRPC request without form authentication.

I guess HttpAuthPlugin is needed to solve it.

Anyway, please post entire of [account-manager] and [components] sections in trac.ini.

Changed 6 years ago by sandeep.nadkarni@…

Attachment: trac-issue.txt added

requested contents of trac.ini file

comment:8 Changed 6 years ago by sandeep.nadkarni@…

file is attached containing requested details for your reference

comment:9 Changed 6 years ago by Jun Omae

  1. Try to install HttpAuthPlugin and enable httpauth.* in components section.
[components]
httpauth.* = enabled
  1. Confirm that /login/jsonrpc responds 401 Unauthorized status line:
    $ curl -sv -o /dev/null http://your-host/path-to-env/login/jsonrpc
    > ...
    >
    < HTTP/1.1 401 Unauthorized
    < ....
    < Date: Wed, 26 Sep 2018 10:02:37 GMT
    < WWW-Authenticate: Basic realm="auth"
    < ...
    
  1. Try to call system.getAPIVersion() via JSON-RPC using curl.
    $ curl -s -u YOUR-USERNAME \
      -H 'Content-Type: application/json' \
      --data '{"params":[], "method":"system.getAPIVersion", "id":42}' \
      http://your-host/path-to-env/login/jsonrpc
    Enter host password for user 'YOUR-USERNAME':
    {"id": 42, "result": [1, 1, 7], "error": null}
    
Last edited 6 years ago by Ryan J Ollos (previous) (diff)

comment:10 in reply to:  9 Changed 6 years ago by Jun Omae

comment:11 Changed 6 years ago by sandeep.nadkarni@…

when executed this after setting httpauth.* = enable and executing

$ curl -s -u YOUR-USERNAME \
  -H 'Content-Type: application/json' \
  --data '{"params":[], "method":"system.getAPIVersion", "id":42}' \
  http://your-host/path-to-env/login/jsonrpc

{"id": 42, "result": [1, 1, 8], "error": null}

this is the result

Last edited 6 years ago by Ryan J Ollos (previous) (diff)

comment:12 Changed 6 years ago by sandeep.nadkarni@…

my url is https and not http

comment:13 Changed 6 years ago by Jun Omae

Okay. It seems that your JSONRPC with authenticated user works fine.

If you want to use https://example.com/test/login/rpc instead of https://example.com/test/login/jsonrpc, add /login/rpc to [httpauth] paths to require HTTP authentication:

[httpauth]
paths = /login/rpc,/xmlrpc,/login/xmlrpc,/jsonrpc,/login/jsonrpc

comment:14 Changed 6 years ago by sandeep.nadkarni@…

It worked .. thanks

comment:15 Changed 6 years ago by Jun Omae

Resolution: cantfix
Status: newclosed

Thanks for the feedback. Closing cantfix since that's a configuration issue.

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The ticket will remain with no owner.
The resolution will be deleted. Next status will be 'reopened'.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.